Aroostook Mental Health Services
Aroostook Mental Health Services Inc., a nonprofit behavioral health provider in northern Maine, disclosed that it recently experienced a ransomware attack that disrupted some of its business operations. The total number of individuals potentially affected by the incident has not been disclosed.
AMHC posted a public notice about the incident on its Facebook page on March 26, 2026, alerting the community to the disruption. The organization stated that its investigation into the scope of potentially affected data remains ongoing and that it would update relevant parties as appropriate.
What happened in the Aroostook Mental Health Services data breach
AMHC experienced a network disruption caused by a ransomware attack. According to the organization’s notice, the incident affected some of its business operations and resulted in a temporary interruption to some of its connectivity.
The specific dates when the attack began and was discovered have not been disclosed.
On March 24, 2026, Qilin posted AMHC’s name on a dark web site hosted on the Tor network, claiming to have obtained the organization’s data. AMHC acknowledged in its notice that it was aware its name had been posted on the dark web.
The organization also stated that the dark web posting was “a byproduct of us choosing not to deal with the cybercriminals,” indicating that AMHC refused to pay a ransom demand from the attackers.
The specific types of information that may have been accessed or taken have not yet been determined. The investigation into the full scope of the incident remains ongoing.
AMHC’s response to the breach
AMHC partnered with cyber incident specialists to investigate the scope and nature of the incident. AMHC advised individuals to remain vigilant for suspicious activity and to avoid sharing information with unknown or unverified sources.
As of March 26, 2026, AMHC has not announced credit monitoring or identity protection services for potentially affected individuals. No dedicated call center or response website has been set up for the incident.
Individuals with questions can contact AMHC’s main office at 207-498-6431.
Steps to take if your information was exposed
Because the investigation is still ongoing and the types of affected data have not been confirmed, individuals connected to AMHC may want to take precautionary steps to protect themselves.
Review credit reports regularly by requesting free copies at AnnualCreditReport.com and checking for any unfamiliar accounts or inquiries that could signal misuse of personal information.Consider placing a fraud alert or credit freeze with Equifax, Experian and TransUnion to help prevent unauthorized accounts from being opened.Watch for phishing attempts that reference Aroostook Mental Health Services, AMHC or this breach by name, as scammers often use breach notifications to trick people into sharing personal details.Review health insurance statements carefully for any services or claims that were not authorized, which could be a sign that health information has been misused.Be cautious of unsolicited communications asking for personal, financial or health information, especially from callers, emails or text messages from unknown or unverified sources.