The Nevada-based clinic recently announced it was impacted by a data breach linked to ransomware organization INC.
OB-GYN Associates of Reno recently notified the Attorney General of Maine of a data breach impacting 62,238 individuals.
According to the notice, suspicious activity was detected on OB-GYN Associates’ network on August 7th, 2025. Upon discovery, the practice quickly launched an investigation with the help of third-party forensic specialists. The incident was soon isolated, but the organization determined that a third party had successfully acquired certain data. Impacted data included: first and last names, Social Security numbers, driver’s license numbers, and medical information. The investigation was completed on September 29th, 2025.
OB-GYN Associates of Reno has not published a notice on their website, which means it’s possible that victims do not yet know about the attack.
According to Beyond Machine, INC claimed the attack on August 30th, 2025. The group left a ransom note that read “The full leak will be published soon, unless a company representative contacts us via the channels provided.”
INC is a very active ransomware group and has claimed approximately 524 victims since it first appeared in August of 2023, according to Ransomware Live.
According to Microsoft’s threat intelligence team, the group also sells ransomware services to other groups, including Vanilla Tempest, a financially motivated group that specifically targets US healthcare organizations. It’s unclear if this attack was solely carried out by Inc Ransom, or if Vanilla Tempest was also part of the operation.
OB-GYN Associates stated that “data security is one of [their] highest priorities. Upon detecting this incident, we moved quickly to initiate a response…We wiped and rebuilt affected systems and have taken steps to bolster our network security.” Despite their improvements now, data breaches cannot be undone. While we don’t know which vector the attack originated from, according to Paubox reports, being proactive about network and email security systems is one of the best strategies to prevent an attack. Organizations should prioritize strengthening email infrastructure, utilizing advanced threat detection, and eliminating the risk of human error.
OB-GYN did not publicly confirm the incident was a ransomware attack, but the ransomware group Inc., claimed the incident. Information from ransomware organizations should never be fully trusted, but the details–along with information from trusted government sources, can give us insight into what may have happened.
No, sometimes ransomware organizations pose empty threats. Although generally unadvised, OB-GYN Associates may also attempt to negotiate with the group, which could prevent the data from reaching the dark web; however, ransomware organizations are unlikely to negotiate in good faith.