AdvancedHEALTH in the United States is accused by the dragonforce ransomware threat actor of having its data leaked, including 2,300,000 lines of full patient information plus partner agreements, management, payroll, and HR files. The claim threatens to release an additional 1,000 lines of patient data per day until payment is made or the timer ends, with new leaks planned daily (Day 1: https://temp.sh/aLnBB/ADI-Day1.zip). #UnitedStates
Incident Details
- Victim: AdvancedHEALTH
- Sector: Healthcare
- Country: US
- Actor: dragonforce
- Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=ebf90db7-5028-44c5-92f3-d093a01b6226
- Discovered: 2026-05-16T09:21:42.445657+00:00
- Published: 2026-05-14T16:32:33.240497+00:00
Information
- 2,300,000 lines of full patient data, partner agreements, management, payroll, and HR files
- 1,000 lines of patient data will be leaked per day until payment is made or the timer expires
- Fresh leaks are expected daily
- Day 1 leak: https://temp.sh/aLnBB/ADI-Day1.zip
- Day 2 leak: expected around 5PM UTC
Disclaimer: This post is based on public claims made by the ransomware group "dragonforce". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.