North Country HealthCare - Federally Qualified Health Center (FQHC) network in Arizona.
DISPUTED / FABRICATED - NO CONFIRMED BREACH. In mid-July 2025, the Stormous ransomware group claimed to have stolen PII/PHI on approximately 600,000 North Country HealthCare (an Arizona FQHC) patients and threatened to sell or publish it. North Country HealthCare investigated with internal teams and independent cybersecurity experts and confirmed the claim was FALSE: no breach occurred and the posted data was fabricated (inconsistent gender information, addresses that could not be verified). This record should NOT be published as a breach; the ~500,000/600,000 figures are fabricated and unassociated with NCHC systems.
ObscureIQ assessment: Severe risk of identity theft, medical fraud, and privacy harm. Community-health settings may also involve economically vulnerable populations who are easier to target with convincing scams.
No confirmed breach occurred. The fabricated Stormous claim created reputational noise and patient concern but, per North Country HealthCare’s investigation and independent analysis, no genuine patient data was exposed. Any downstream risk is not substantiated.
North Country HealthCare is a nonprofit federally qualified health center (FQHC) network based in Flagstaff, Arizona, providing primary care, dental, behavioral-health, and community health services across rural and northern Arizona, largely to underserved populations.
Federally Qualified Health Centers collect patient identity, contact, insurance, billing, appointment, and clinical records across community health and primary care services.
In mid-July 2025 the Stormous ransomware group claimed on its leak site to have stolen data on roughly 600,000 North Country HealthCare patients. North Country HealthCare investigated with internal teams and independent cybersecurity experts and publicly confirmed the claim was FALSE and that no breach occurred; the posted data showed multiple indicators of fabrication, including inconsistent gender fields and unverifiable addresses.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.
If you believe your information may be included:
DISPUTED / FABRICATED - NO CONFIRMED BREACH. In mid-July 2025, the Stormous ransomware group claimed to have stolen PII/PHI on approximately 600,000 North Country HealthCare (an Arizona FQHC) patients and threatened to sell or publish it. North Country HealthCare investigated with internal teams…
Verified fields include N/A.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation