Full List

Search

Search Results (healthcare)

• DentaQuest May 23, 2026 • [ data leak, extortion, healthcare ] In May 2026, the dental benefits administrator DentaQuest was the target of a ShinyHunters "pay or leak" extortion campaign that resulted in the group publicly publishing hundreds of gigabytes of data allegedly obtained from the company. The data included 2.6M unique email addresses along with names, addresses and phone numbers. Much of the data appeared in healthcare enrollment files (ASC X12 transaction sets) with some containing Medicaid IDs, while additional data appeared in member records and related files. DentaQuest acknowledged "a cybersecurity incident involving unauthorized access to a limited portion of our network", and advised they had contained the attack and mitigated the threat.
• Almerys May 22, 2026 • [ data breach, healthcare, personally identifiable information ] Almerys, a French third-party health payments processor, suffered a May 2026 breach involving its online coverage authorization portal used by healthcare professionals and facilities. Reporting said hackers gained access to the portal and that a threat actor later advertised more than 44 million Almerys-linked records and more than 15 million unique French Social Security numbers for sale. Almerys reportedly took the affected portal offline as a containment measure; no named actor, encryption, data destruction, or attacker-caused operational disruption was confirmed.
• Advanced Diagnostic Imaging, P.C. d/b/a AdvancedHEALTH May 16, 2026 • [ data leak, ransomware, healthcare ] DragonForce listed AdvancedHEALTH on its leak site on May 16, 2026 and claimed to have stolen 390 GB of data, including 2.3 million lines of patient data, partner agreements, management, payroll, and HR files. Public reporting noted that AdvancedHEALTH had not confirmed the full scope of DragonForce's claim.
• Clínica Hospital Panamericano May 2, 2026 • [ data leak, healthcare, patient database exposure ] Ch-panamericana.com was listed among the Panamanian incidents in a Vecert Analyzer intelligence report cited by La Estrella de Panam. The domain appears to correspond to Clnica Hospital Panamericano, a healthcare provider in Panam Oeste, and outside monitoring referenced alleged patient database exposure from ch-panamericano.com. The incident was dated May 2, 2026. Outside OSINT reporting linked the leak to ohmydays and Waxx Org., but public reporting did not confirm encryption, data destruction, or operational disruption.
• Groupe 3R (Réseau Radiologique Romand) April 30, 2026 • [ ransomware, data theft, healthcare ] On April 30, 2026, Groupe 3R (Rseau Radiologique Romand) was hit by a ransomware attack that reduced system availability and caused some patient examinations to be rescheduled. The incident was reported to the Swiss Federal Cybersecurity Office and a criminal complaint was filed. Akira later claimed responsibility and alleged theft of 48 GB of data, including patient information, employee identification documents, payment details, and corporate records.
• Advanced Diagnostic Imaging April 30, 2026 • [ ransomware, electronic medical records, healthcare ] Columbia Surgical Partners said it was unable to access electronic medical records after its parent company, Advanced Diagnostic Imaging, was hit by a reported ransomware attack. Available reporting confirms EHR-access disruption at Columbia Surgical Partners, but does not publicly confirm a responsible ransomware group, data theft, ransom demand, restoration timeline, or whether other ADI systems or sites were affected.
• Advanta Genetics LLC April 29, 2026 • [ data leak, healthcare, PII ] Advanta Genetics LLC, a Texas clinical and molecular diagnostics laboratory, was listed by Aurora on April 29, 2026. Aurora claimed access to patient, provider, employee, financial, legal/regulatory, and proprietary company data. DataBreach.com indexed 280,802 rows containing Social Security numbers, birthdates, email addresses, phone numbers, names, and street addresses. Public reporting noted that Advanta had not confirmed the full scope of Aurora's claims and did not confirm encryption or operational disruption.
• Mile Bluff Medical Center April 21, 2026 • [ ransomware, data encryption, system disruption ] Mile Bluff Medical Center experienced system disruptions after a security event that encrypted data, affecting phone and computer systems; clinical teams operated under downtime procedures while the organization investigated and engaged third-party partners.
• Gastroenterology & Hepatology of CNY April 14, 2026 • [ ransomware, data-extortion, healthcare ] Exitium claimed responsibility for a ransomware and data-extortion attack against Gastroenterology & Hepatology of CNY on April 14, 2026, claiming it had encrypted systems and threatened to sell patient records if its demands were not met. DataBreach.com later indexed 196,959 rows associated with the leak, while other public reporting described Exitium's claim as involving approximately 167,303 patient records.
• Rx Management April 8, 2026 • [ ransomware, data leak, healthcare ] INC Ransom listed Australian pharmacy management firm Rx Management on its leak site on April 8, 2026 and threatened to publish more than 180 GB of allegedly stolen data; the data types and full extent were not publicly verified.
• ChipSoft April 7, 2026 • [ ransomware, data breach, healthcare ] ChipSoft was hit by a ransomware attack on April 7, 2026, causing hosted patient-facing and provider-facing digital services to be disconnected or taken offline while the company investigated and restored systems. ChipSoft later confirmed that personal and medical patient data from some Dutch healthcare customers had been stolen and said the stolen data was destroyed and not published.
• ChipSoft April 7, 2026 • [ ransomware, healthcare, data breach ] Embargo ransomware hit ChipSoft on April 7, 2026, disrupting its website and digital healthcare services, causing hospitals to disconnect or take ChipSoft-connected systems offline, and stealing medical personal data from several Dutch healthcare institutions; ChipSoft later said the stolen data had been destroyed.
• Signature Healthcare Brockton Hospital April 6, 2026 • [ cyberattack, data theft, healthcare ] A cyberattack detected on April 6, 2026 affected information systems at Signature Healthcare and Signature Healthcare Brockton Hospital, triggering downtime procedures, ambulance diversion, chemotherapy cancellations, EHR and patient portal outages, pharmacy prescription-fill disruption, lab delays, and medical-record request disruption; Anubis claimed it stole 2 TB of data, but Signature Healthcare did not confirm data theft.
• Minidoka Memorial Hospital April 5, 2026 • [ cyber attack, healthcare, operational disruption ] A cyber incident on Easter morning limited imaging services at Minidoka Memorial Hospital in Rupert, Idaho, leading to temporary emergency patient transfers; internal systems were affected but patient care continued, and imaging was fully restored by midnight on April 19, 2026.
• Eholo Health March 30, 2026 • [ data leak, vulnerability exploitation, medical records ] XP95 claimed it stole 165 GB of data from Eholo Health, including more than 1.1 million medical notes and personal information tied to 601,308 users, after exploiting a vulnerability in the company's systems.
• Caja de Seguro Social (CSS) March 27, 2026 • [ unauthorized intrusion, data leak, medical records ] Caja de Seguro Social (CSS), Panama's public social security and healthcare institution, reported a possible unauthorized intrusion on March 27, 2026 while stating that web services remained operational. The Gentlemen later claimed responsibility for the hack and alleged publication or sale of 3 TB of data, including medical histories, pension records, loan documents, signatures, phone numbers, and radiology files, with the group claiming the medical and pension databases covered 80% of Panama's population.
• CareCloud, Inc. March 16, 2026 • [ unauthorized access, network disruption, electronic health records ] CareCloud experienced unauthorized access and a temporary network disruption on March 16, 2026 that partially affected functionality and data access to one of its six electronic health record environments for approximately eight hours.
• Bonifraterskie Medical Center March 13, 2026 • [ ransomware, data leak, personal data ] Bonifraterskie Medical Center reported a ransomware attack that encrypted part of its server infrastructure and likely exposed personal data.
• The Independent Public Regional Hospital March 7, 2026 • [ cyberattack, ransomware, data encryption ] A cyberattack hit the Independent Public Regional Hospital in Szczecin, Poland, overnight on 03/0703/08/2026, forcing staff to revert to paper-based operations. Hospital authorities said the attack encrypted parts of hospital data and blocked access to critical digital records, temporarily disrupting digital operations. Officials stated urgent treatments and admissions continued, but administrative processes were slower while IT teams worked to restore system access.
• RXNT March 1, 2026 • [ data breach, healthcare, PII ] RXNT, the SaaS provider for the Office of the Attending Physician, experienced a breach on March132026 where attackers accessed the platform and copied patient prescription records, including names, addresses, dates of birth, and medication details.