The threat actor dragonforce claims to have leaked 22,171,128 medical record files from Healthcare Retroactive Audits. According to the claim, the files were left unprotected and the firm did not intervene to stop their release. The breach impacts the United States, with ongoing discussions about the scope of the data release and potential repercussions for affected organizations, insurers, and hospitals. #UnitedStates
Incident Details
- Victim: Healthcare Retroactive Audits
- Country:
- Actor: dragonforce
- Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=bb3ec11a-0828-4d77-b6ef-0e9f20e7b368
- Discovered: 2025-11-26 16:14:01.836314
- Published: 2025-11-26 15:27:10.019539
Information
- The breach involved 22,171,128 medical record files.
- The files were neatly packaged into 11 archives by the hospital.
- The ransomware group involved is DragonForce.
- Healthcare Retroactive Audits was responsible for auditing data for insurers.
- The firm allowed the leak to happen and took no measures to prevent publication.
- NIH Information Security Program declined to address the issue when approached.
- The group says it is open to discussions with the organizations, insurers, and hospitals affected by the data loss.
- The released files represent only a portion of the total breach, and the group is considering expanding the release.

Disclaimer: This post is based on public claims made by the ransomware group "dragonforce". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.