Arbeitsgemeinschaft Wirtschaftlichkeitsprüfung Niedersachsen e.V. (Arwini)
May 5, 2026
•[ ransomware, data exfiltration, health information ]
Kairos ransomware actors attacked Arbeitsgemeinschaft Wirtschaftlichkeitsprfung Niedersachsen e.V. (Arwini), the prescription-review association for statutory health insurance prescriptions in Lower Saxony. Police confirmed Kairos was responsible, that ransomware was used to encrypt data, and that data exfiltration occurred. Potentially affected data included contact, health, and billing information for patients; more than 70,000 records may have been stolen, though the exact scope remained under investigation.
Zealthy
January 16, 2026
•[ data leak, health information, personal information ]
Records advertised as Zealthy data were offered for sale online in January 2026, with sample files showing patient personal and health information; Zealthy had not publicly confirmed the incident in the reporting reviewed.
Elmcrest Children’s Center, Inc.
August 12, 2025
•[ unauthorized access, data leak, health information ]
Elmcrest Childrens Center, Inc. detected unauthorized access to its computer network on August 12, 2025. The investigation determined that files containing information for approximately 23,500 individuals were accessed, including names, addresses, dates of birth, treatment details, and insurance information.
Arthur Ashe Institute for Urban Health Inc.
May 18, 2025
•[ unauthorized access, personally identifiable information, health information ]
Unauthorized access to systems at Arthur Ashe Institute for Urban Health Inc. between April 4 and May 18, 2025 may have exposed personally identifiable and health information according to breach notifications.
