Freedman HealthCare Data Breach
Freedman HealthCare Consulting Firm Breach (2025): 4 Million Records Including SSN & Home Address Exposed via Ransomware
Healthcare consulting and analytics firm serving public and private clients.
Risk Interpretation
High risk because the firm may sit inside large healthcare data flows. Exposure can enable medical fraud, identity theft, provider impersonation, and sensitive health-data profiling.
Impact & Downstream Threats
In late April 2025 Freedman HealthCare discovered a security incident affecting a single file server. World Leaks — formerly Hunters International, now operating as a pure data theft and extortion group — claimed responsibility, alleging exfiltration of 52.4 gigabytes across 42,000 files. When Freedman declined to pay the ransom, World Leaks published the files on its dark web leak site in June 2025. CEO John Freedman publicly maintained that no protected health information was compromised, and
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
Freedman HealthCare, a Massachusetts-based health data consulting firm, suffered a breach after the extortion group WorldLeaks (formerly known as Hunters International) infiltrated a single file server in late April 2025. When Freedman declined to pay the ransom, WorldLeaks published the stolen files on its dark web leak site. The group claims to have exfiltrated 52.4 gigabytes of data spanning more than 42,000 files. Because Freedman designs and manages health data infrastructure for state agencies and insurers across California, Delaware, Massachusetts, and other states, affected individuals may never have heard of the company despite it holding their personal information. The exposed data includes names, home addresses, email addresses, phone numbers, and Social Security numbers for approximately 4 million people. Researchers reviewing the leaked files also found plaintext login credentials to state client accounts, raising concern about potential downstream access to public health data systems. Although the company's CEO stated that no protected health information or all-payer claims data was compromised, the presence of Social Security numbers at this scale creates serious exposure for identity theft, medical fraud, and provider impersonation. Freedman notified affected individuals under Massachusetts breach notification law, engaged outside cybersecurity experts, and reported the incident to law enforcement. A law firm announced a breach investigation in June 2025, and the company faces the prospect of class-action litigation. Anyone whose information was exposed should monitor their credit reports, consider placing a credit freeze, and watch for signs of fraudulent activity using their Social Security number.
About Freedman HealthCare
Freedman HealthCare is a Massachusetts-based data and analytics consulting firm that designs and manages health data infrastructure for U.S. state agencies, health insurers, and other healthcare organizations. Its work includes building All-Payer Claims Databases — systems that aggregate healthcare claims data across payers for public health analytics and policy purposes. Client engagements have included state health agencies in California, Rhode Island, Delaware, Hawaii, and Massachusetts, among others.
Why They Hold Your Data
Healthcare consulting and analytics firms collect client, provider, patient, claims, and program data across advisory, policy, and healthcare data-analysis workflows.
Recent Developments
Freedman HealthCare operates as a specialized boutique consultancy in the public health data infrastructure space. No major organizational changes have been publicly reported beyond the 2025 breach and its aftermath.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, full_name, phone_number, physical_address:home, ssn
Dark Web Verification
- Dataset containing ~4.0M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: freedman-healthcare-2025
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Freedman HealthCare
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam