Doctor Alliance breach allegedly exposes patients’ health data

Published: 10 November 2025
AI doctor
Image by Apple

Attackers are threatening the healthcare tech firm to pay ransom or they will release over a million records. The alleged stolen data includes sensitive medical data ranging from diagnoses to checkup summaries.

The cybercriminals announced the attack on a popular data leak forum, which is often utilized to exchange stolen records. The attackers claim that the data was obtained recently and contains over 1.2 million records taken from Doctor Alliance, a healthcare technology firm that provides billing services to physicians.

We’ve reached out to the company and will update the article once we receive a reply.

ADVERTISEMENT

Meanwhile, the Cybernews research team investigated the sample attached to the attackers’ post. The team claims that the data sample makes up 200MB of data that includes various medical records, riddled with sensitive personal data such as:

  • Prescriptions
  • Treatment plans
  • Check-up summaries
  • Hospital orders
  • Names
  • Health insurance claim numbers
  • Home addresses
  • Phone numbers
  • Diagnoses
  • Doctor names
Doctors' Alliance breach post
The post announcing the data breach. Image by Cybernews.

Losing these types of medical records poses a significant risk to the individuals involved. Most obviously, attackers can attempt to use names, addresses, and other data points for identity theft by setting up fraudulent accounts.

However, the real danger here is medical identity theft and insurance fraud. In such cases, attackers can impersonate individuals to obtain prescription drugs. And if the stolen information includes patient histories, it could lead to cases of blackmail.

What makes matters worse is that medical and biometric data are non-recoverable, which means that, unlike passwords or credit cards, users cannot change their medical histories once they've been coåçmpromised.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

“This data leak poses a huge risk of identity theft and medical fraud for the patients involved, such as obtaining medical services or prescription drugs in the victim's name. Both doctors and patients can fall victim to social engineering attacks,” our researchers explained.

ADVERTISEMENT

Healthcare data is among the most valuable prizes on the cybercriminal underground because it often enables cybercriminals to file fraudulent medical claims, resulting in the illicit purchase of prescription drugs.

Doctor Alliance, headquartered in Dallas, works with numerous healthcare organizations in the US, including Intrepid, AccentCare, Carter, Interim, and many others. The company claims to have helped sign millions of medical documents over the past 15 years.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked