Freedman HealthCare 2025 Data Breach

Freedman HealthCare Consulting Firm Breach (2025): 4 Million Records Including SSN & Home Address Exposed via Ransomware | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

WorldLeaksRansomwareMedicalEmail AddressFull NamePhone NumberPhysical AddressSocial Security Number
High SeverityWebsite / service breach

Freedman HealthCare Consulting Firm Breach (2025): 4 Million Records Including SSN & Home Address Exposed via Ransomware

Healthcare consulting and analytics firm serving public and private clients.

Verified by ObscureIQ Intelligence
79/100Breach Risk Index
33Data Value
40Market Recency
290dSince Breach

Breach Intelligence Summary

Entity: Freedman HealthCare · Actor: WorldLeaks · Sources: 2 references
Attack: Ransomware
Profile: Company · Healthcare consulting and analytics · Advisory services provider · USA
Timeline: Breach (2025-06-15) · Indexed (Jul 11, 2025) · Year (2025)
Exposure: 4.0M records · 5 fields: Email Address, Full Name, Phone Number, Physical Address, Social Security Number
Status: Reported

Executive Summary

Freedman HealthCare, a Massachusetts-based health data consulting firm, suffered a breach after the extortion group WorldLeaks (formerly known as Hunters International) infiltrated a single file server in late April 2025. When Freedman declined to pay the ransom, WorldLeaks published the stolen files on its dark web leak site. The group claims to have exfiltrated 52.4 gigabytes of data spanning more than 42,000 files. Because Freedman designs and manages health data infrastructure for state agencies and insurers across California, Delaware, Massachusetts, and other states, affected individuals may never have heard of the company despite it holding their personal information. The exposed data includes names, home addresses, email addresses, phone numbers, and Social Security numbers for approximately 4 million people. Researchers reviewing the leaked files also found plaintext login credentials to state client accounts, raising concern about potential downstream access to public health data systems. Although the company's CEO stated that no protected health information or all-payer claims data was compromised, the presence of Social Security numbers at this scale creates serious exposure for identity theft, medical fraud, and provider impersonation. Freedman notified affected individuals under Massachusetts breach notification law, engaged outside cybersecurity experts, and reported the incident to law enforcement. A law firm announced a breach investigation in June 2025, and the company faces the prospect of class-action litigation. Anyone whose information was exposed should monitor their credit reports, consider placing a credit freeze, and watch for signs of fraudulent activity using their Social Security number.

ObscureIQ assessment: High risk because the firm may sit inside large healthcare data flows. Exposure can enable medical fraud, identity theft, provider impersonation, and sensitive health-data profiling.

Breach Impact

In late April 2025 Freedman HealthCare discovered a security incident affecting a single file server. World Leaks — formerly Hunters International, now operating as a pure data theft and extortion group — claimed responsibility, alleging exfiltration of 52.4 gigabytes across 42,000 files. When Freedman declined to pay the ransom, World Leaks published the files on its dark web leak site in June 2025. CEO John Freedman publicly maintained that no protected health information was compromised, and that no all-payer claims data was affected. Researchers reviewing the published files found management credentials, employee personnel records including visa applications, bank statements, tax documents, pay stubs, and state contracts — as well as plaintext login credentials to state client accounts, which created potential downstream access risk to sensitive public health data systems. Freedman notified affected individuals under Massachusetts breach notification law, engaged external cybersecurity experts, and reported the incident to law enforcement. A law firm announced a breach investigation in June 2025.

About Freedman HealthCare

Freedman HealthCare is a Massachusetts-based data and analytics consulting firm that designs and manages health data infrastructure for U.S. state agencies, health insurers, and other healthcare organizations. Its work includes building All-Payer Claims Databases — systems that aggregate healthcare claims data across payers for public health analytics and policy purposes. Client engagements have included state health agencies in California, Rhode Island, Delaware, Hawaii, and Massachusetts, among others.

Why They Hold Your Data

Healthcare consulting and analytics firms collect client, provider, patient, claims, and program data across advisory, policy, and healthcare data-analysis workflows.

Recent Developments

Freedman HealthCare operates as a specialized boutique consultancy in the public health data infrastructure space. No major organizational changes have been publicly reported beyond the 2025 breach and its aftermath.

Data Points Exposed

5 verified field types
Email Address
Full Name High
Phone Number
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Identity theft and synthetic identity construction using government-issued IDs
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat
  • Full identity theft & synthetic identity fraud

Threat Actor: WorldLeaks

WorldLeaks
Ransomware

Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
IdentityTheft.gov
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Freedman HealthCare breach?

Freedman HealthCare, a Massachusetts-based health data consulting firm, suffered a breach after the extortion group WorldLeaks (formerly known as Hunters International) infiltrated a single file server in late April 2025. When Freedman declined to pay the ransom, WorldLeaks published the stolen…

What data was exposed?

Verified fields include Email Address, Full Name, Phone Number, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation