🚨 Threat actor claims data breach impacting OpenLoopHealth, exposing over 1.6 million U.S. patient records.

📌 United States 🇺🇸

▪️Organization: OpenLoopHealth
▪️Industry: Digital Health / Telehealth
▪️Type: Data Sale
▪️Threat Actor: stuckin2019
▪️Records: 1.6M+ patient files
▪️Samples: Yes

Overview:

OpenLoopHealth is a U.S. digital health infrastructure provider supporting clinics with clinical, technical, and regulatory systems for virtual-care operations. The threat actor claims to have exfiltrated extensive patient-level PII and medical data.

Allegedly Exposed Data Includes:

 Sample Set 1:

▪️ Full Names
▪️ Email Addresses
▪️ Phone Numbers
▪️ Home Addresses
▪️ Dates of Birth
▪️ Body Stats (Weight, Height)
▪️ Medical Information
▪️ Biometric Data
▪️ More unspecified PHI

Sample Set 2:

▪️ Full Names
▪️ Addresses
▪️ Email Addresses
▪️ Phone Numbers
▪️ IP Addresses
▪️ Prescription Information
▪️ FedEx Tracking Numbers
▪️ Additional metadata

https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/860/164/214/527/241/original/834e05277b3159d3.png