MCBS, LLC Data Breach
MCBS LLC Healthcare Business Services Breach (2025): 6.6 Million Records Including SSN & Home Address Exposed
Georgia-based medical billing and practice management services firm serving healthcare providers
Risk Interpretation
Exposure from this type of medical billing dataset can enable identity theft, medical identity fraud, insurance abuse, patient impersonation, targeted phishing, and highly credible social engineering against both patients and providers. The reported inclusion of Social Security numbers, contact data, and potential medical information makes the breach especially dangerous because attackers can combine financial identity abuse with healthcare-themed fraud and long-tail extortion or doxxing risk.
Impact & Downstream Threats
In September 2025 MCBS, LLC suffered a ransomware attack carried out by the PEAR group, exposing approximately 6.6 million records including names, email addresses, phone numbers, home addresses, and Social Security numbers. Because MCBS processes patient billing data on behalf of healthcare providers, the exposed records represent patient information from across its provider network rather than the company's own direct customers. A class-action lawsuit, Neff v. MCBS, LLC, was filed in October 2
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
MCBS, LLC, a Georgia-based medical billing and practice management firm, was hit by a ransomware attack carried out by the threat group PEAR in September 2025. The attack exposed approximately 6.6 million records. Because MCBS processes billing and administrative data on behalf of healthcare providers across the United States, the affected individuals are largely patients whose information was held by MCBS as part of its revenue cycle management services. The exposed data includes names, home addresses, email addresses, phone numbers, and Social Security numbers. This combination is particularly dangerous. Social Security numbers can be used to open fraudulent credit accounts, file false tax returns, and commit medical identity fraud, where an attacker uses a victim's identity to obtain healthcare services or insurance reimbursements. The healthcare context of this breach makes victims especially vulnerable to impersonation and insurance abuse, as well as phishing attempts that use accurate personal and medical details to appear credible. A class action lawsuit, Neff v. MCBS, LLC, was filed in the Southern District of Georgia in October 2025, alleging the company failed to adequately secure sensitive information. MCBS moved to dismiss the case in December 2025, arguing plaintiffs had not demonstrated actual harm. No settlement or further regulatory action had been publicly documented as of early 2026. Affected individuals should monitor their credit reports, consider placing a credit freeze with the three major bureaus, and remain alert to unsolicited contact referencing their healthcare or insurance information.
About MCBS, LLC
MCBS, LLC is a Georgia-based medical billing and practice management services firm providing revenue cycle management, coding, accounts receivable, and related administrative services to healthcare providers. The company operates as a business associate under HIPAA, processing patient financial and administrative data on behalf of its provider clients. It serves a substantial number of healthcare practices and facilities across the United States.
Why They Hold Your Data
A medical billing and practice management firm like MCBS typically handles patient identity data, contact details, insurance and claims information, billing records, account balances, clinical-adjacent administrative data, and internal provider operations data as part of revenue cycle management, coding, payment processing, and compliance support workflows. Because it works on behalf of healthcare providers, its systems can also contain especially sensitive patient-linked identifiers used to process claims and manage accounts across multiple practices.
Recent Developments
MCBS, LLC does not maintain a significant public profile beyond its service offering. No major organizational changes have been prominently reported in public sources in the period prior to the 2025 breach.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, full_name, phone_number, physical_address:home, ssn
Dark Web Verification
- Dataset containing ~6.6M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: mcbs-2025
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of MCBS, LLC
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam