Medenet, Inc. Hit by Akira Ransomware Attack, Exposing Sensitive Data
Florida-based Medenet, Inc., a provider of medical billing, electronic medical records (EMR), and revenue cycle management services, suffered a ransomware attack on December 26, 2025. The cybercriminal group Akira claimed responsibility, announcing the breach on the dark web on January 29, 2026, and alleging the theft of 24 GB of corporate data. Exposed information included Social Security numbers, driver’s licenses, passports, contracts, financial records, and confidential medical files.
Medenet responded by launching an investigation with computer forensic specialists, securing its systems, and reporting the incident to the FBI. The breach was officially disclosed to the Massachusetts Attorney General’s office on June 2, 2026, with six Massachusetts residents confirmed as affected.
The law firm Shamis & Gentile P.A. is investigating potential compensation claims for individuals impacted by the breach. Medenet, founded in 1991, primarily serves physician practices in the Tampa Bay area, offering billing, collections, coding analysis, and EMR consulting services.
Source: https://www.claimdepot.com/investigations/medenet-data-breach-2026
Mednet Medical Billing and Coding cybersecurity rating report: https://www.rankiteo.com/company/mednet-medical-billing
"id": "MED1780554290",
"linkid": "mednet-medical-billing",
"type": "Ransomware",
"date": "12/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': '6 Massachusetts residents '
'confirmed',
'industry': 'Healthcare',
'location': 'Florida, USA',
'name': 'Medenet, Inc.',
'type': 'Medical billing and EMR services provider'}],
'data_breach': {'data_exfiltration': '24 GB of corporate data',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Social Security numbers',
'driver’s licenses',
'passports',
'contracts',
'financial records',
'confidential medical files']},
'date_detected': '2025-12-26',
'date_publicly_disclosed': '2026-06-02',
'description': 'Florida-based Medenet, Inc., a provider of medical billing, '
'electronic medical records (EMR), and revenue cycle '
'management services, suffered a ransomware attack on December '
'26, 2025. The cybercriminal group Akira claimed '
'responsibility, announcing the breach on the dark web on '
'January 29, 2026, and alleging the theft of 24 GB of '
'corporate data. Exposed information included Social Security '
'numbers, driver’s licenses, passports, contracts, financial '
'records, and confidential medical files.',
'impact': {'data_compromised': '24 GB of corporate data',
'identity_theft_risk': 'High'},
'investigation_status': 'Ongoing',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Akira'},
'references': [{'date_accessed': '2026-01-29',
'source': 'Dark web announcement by Akira'},
{'date_accessed': '2026-06-02',
'source': 'Massachusetts Attorney General’s office '
'disclosure'}],
'regulatory_compliance': {'legal_actions': 'Potential compensation claims '
'being investigated by Shamis & '
'Gentile P.A.',
'regulatory_notifications': 'Massachusetts Attorney '
'General’s office'},
'response': {'containment_measures': 'Systems secured',
'law_enforcement_notified': 'FBI',
'third_party_assistance': 'Computer forensic specialists'},
'threat_actor': 'Akira',
'title': 'Medenet, Inc. Hit by Akira Ransomware Attack, Exposing Sensitive '
'Data',
'type': 'ransomware'}