Cybercrime gang hacks major health data provider – millions of highly personal files could be at risk of breach
- World Leaks adds Freedman HealthCare to its data leak site
- The group claims to have exfiltrated tens of thousands of files
- The company is staying silent for now
A cybercrime gang claims to have breached Freedman HealthCare, a US-based consulting firm which helps states and healthcare organizations handle data, and allegedly stole thousands of sensitive files.
A threat actor called World Leaks added Freedman HealthCare to its data leak website. The group is a new entrant in the cybercrime space, with some saying it’s a rebrand of Hunters International, while others report it’s a spin-off of the infamous organization.
In any case, the group added the consulting firm to its site, but hasn’t yet uploaded any files, most likely to try and pressure it into paying the ransom demand.
Extortion as a service
The attackers claim to have stolen 42,204 files, amounting to more than 50GB, but the nature of the stolen files isn’t known, nor is the amount of money requested.
The company handles personal health information of millions of Americans, including sensitive data processed in Medicaid and commercial insurance claims, state health and human services agencies, social determinants of health datasets, and healthcare workforce initiatives.
Freedman HealthCare has not yet addressed these claims, so we don’t even know if they’re legitimate, or not.
However, Hunters International has a relatively good track record, with notable past victims including Toyota Brazil, NanoLumens, Integrated Control, and Frederick Wildman and Sons.
World Leaks apparently operates on an “extortion-as-a-service” model, launched in early 2025. The Register notes Hunters International found their ransomware work too risky, especially with international law enforcement operations actively targeting these groups. This prompted them to switch from the usual double extortion tactics to extortion as a service, resulting in the creation of World Leaks.
The group appears to be Russian in origin, and is rather active, with more than 150 victims in the last year.
You might also like
World Leaks adds Freedman HealthCare to its data leak site The group claims to have exfiltrated tens of thousands of files The company is staying silent for now A cybercrime gang claims to have breached Freedman HealthCare, a US-based consulting firm which helps states and healthcare organizations handle data, and…
