MPOWERHealth, a Texas-based healthcare company specializing in clinical support for neuromusculoskeletal and orthopedic practices, suffered a major data breach on August 19, 2025, orchestrated by the hacking group Worldleaks. The attackers infiltrated the company’s systems, exfiltrated sensitive data, and leaked it on a dark web forum via the Tor network. The compromised data reportedly includes personally identifiable information (PII) and protected health information (PHI) of over 55,000 patients and employees, such as names, contact details, dates of birth, Social Security numbers, health insurance records, medical histories, and billing/payment information. Worldleaks made the stolen data available for download, exposing affected individuals to identity theft, financial fraud, and further cybercriminal exploitation. MPOWERHealth has yet to issue an official public statement but is expected to conduct internal reviews and comply with state/federal disclosure requirements. The breach poses severe risks to patient privacy, regulatory compliance (e.g., HIPAA violations), and the company’s reputation, with potential long-term financial and operational repercussions.
Source: https://www.claimdepot.com/data-breach/mpowerhealth-2025
TPRM report: https://www.rankiteo.com/company/mpoweringhealthcare
"id": "mpo3602536091725",
"linkid": "mpoweringhealthcare",
"type": "Cyber Attack",
"date": "8/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': '55,000+ (patients and '
'employees)',
'industry': 'Healthcare (Neuromusculoskeletal and '
'Orthopedic Clinical Support)',
'location': 'Texas, USA',
'name': 'MPOWERHealth',
'type': 'Healthcare Company'}],
'customer_advisories': ['Carefully review notices from MPOWERHealth',
'Monitor for identity theft',
'Consider credit freezes/fraud alerts',
'Avoid sharing personal info in response to '
'unsolicited contacts'],
'data_breach': {'data_exfiltration': 'Confirmed (data offered for download on '
'dark web)',
'number_of_records_exposed': '55,000+',
'personally_identifiable_information': 'Yes (names, SSNs, '
'contact info, dates '
'of birth)',
'sensitivity_of_data': 'High (includes SSNs, medical records, '
'and financial data)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)',
'Names',
'Contact Information',
'Dates of Birth',
'Social Security Numbers',
'Health Insurance Information',
'Medical Records',
'Billing/Payment Information']},
'date_publicly_disclosed': '2025-08-19',
'description': 'MPOWERHealth, a Texas-based healthcare company providing '
'clinical support to neuromusculoskeletal and orthopedic '
'practices, experienced a major data breach. The hacking group '
'Worldleaks claimed responsibility for the cyberattack on Aug. '
'19, 2025, and disclosed the incident on a dark web forum. '
'Attackers allegedly accessed and leaked sensitive company '
'data, including personally identifiable information (PII) and '
'protected health information (PHI) of over 55,000 patients '
'and employees. Compromised data may include names, contact '
'information, dates of birth, Social Security numbers, health '
'insurance details, medical records, and billing/payment '
'information. Worldleaks offered the data for download, making '
'it accessible to other malicious actors.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive patient and '
'employee data',
'data_compromised': ['Personally Identifiable Information (PII)',
'Protected Health Information (PHI)',
'Names',
'Contact Information',
'Dates of Birth',
'Social Security Numbers',
'Health Insurance Information',
'Medical Records',
'Billing/Payment Information'],
'identity_theft_risk': 'High (due to exposure of SSNs, financial, '
'and health data)',
'legal_liabilities': 'Pending state and federal disclosures; '
'potential regulatory violations (e.g., '
'HIPAA)',
'payment_information_risk': 'High (billing/payment information '
'compromised)'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes (offered for download '
'by Worldleaks)',
'high_value_targets': ['Patient PHI/PII',
'Employee data',
'Medical records',
'Billing/payment '
'information']},
'investigation_status': 'Ongoing (review initiated to identify impacted '
'individuals)',
'ransomware': {'data_exfiltration': 'Yes (data leaked by Worldleaks)'},
'recommendations': ['Monitor financial accounts and credit reports for '
'identity theft',
'Place fraud alerts or credit freezes with major credit '
'bureaus',
'Be cautious of phishing attempts (unsolicited '
'emails/calls requesting personal information)',
'Review notices from MPOWERHealth for further '
'instructions'],
'references': [{'source': 'Claim Depot (via dark web forum disclosure)'},
{'source': 'MPOWERHealth Website'}],
'regulatory_compliance': {'regulations_violated': ['Potential HIPAA '
'violations (PHI exposure)',
'State-level data breach '
'notification laws (e.g., '
'Texas)'],
'regulatory_notifications': 'Pending (state and '
'federal disclosures '
'expected)'},
'response': {'communication_strategy': 'Pending (no official public statement '
'yet; state/federal disclosures '
'expected soon)',
'incident_response_plan_activated': 'Likely (review initiated to '
'identify impacted '
'individuals)'},
'threat_actor': 'Worldleaks',
'title': 'MPOWERHealth Data Breach',
'type': 'Data Breach'}