Arkansas Primary Care 2025 Data Breach
ObscureIQ Breach Intelligence
High SeverityWebsite / service breach
Arkansas Primary Care Clinic Breach (2025): Patient SSN & Home Address Exposed
Primary care medical practice.
Verified by ObscureIQ Intelligence
75/100Breach Risk Index
27Data Value
40Market Recency
299dSince Breach
Breach Intelligence Summary
Entity: Arkansas Primary Care · Actor: INC Ransom · Sources: 2 references
Attack: Ransomware
Profile: Healthcare provider · Primary care medical services · Regional clinic network · USA
Timeline: Breach (2025-04-24) · Indexed (Jul 02, 2025) · Year (2025)
Exposure: 26K records · 4 fields: Email Address, Phone Number, Physical Address, Social Security Number
Status: Reported
Executive Summary
Arkansas Primary Care Clinic, PA, a primary-care medical practice in Little Rock, Arkansas, suffered a ransomware attack in late April 2025 carried out by the INC Ransom ransomware-as-a-service group. The attackers claimed to have exfiltrated approximately 15 gigabytes of data before deploying ransomware on the clinic's systems. INC Ransom listed the practice on its dark-web leak site and threatened to publish the stolen data unless ransom demands were met. The breach was indexed by breach-tracking services in early July 2025. The breach affected approximately 26,000 individuals based on records indexed by breach-tracking services. Compromised fields included Social Security numbers, email addresses, phone numbers, and home addresses. As a primary-care clinic, the underlying records exfiltrated by the attackers also include patient identity, insurance, billing, clinical, diagnostic, and treatment information typical of a long-term primary-care relationship, beyond the more limited field set surfaced publicly. For affected patients, the practical risk profile combines identity-fraud exposure with primary-care-specific risks. The combination of name, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms a primary-care relationship that often spans years of medical records and may include sensitive diagnoses, prescription histories, and insurance information. Patients should treat unsolicited contact referencing Arkansas Primary Care or any past primary-care visit with caution. Affected individuals should freeze credit at all three U.S. bureaus, monitor health-insurance statements for unfamiliar charges, and remain alert to phishing attempts referencing real medical history details that may have been included in the stolen archive.
ObscureIQ assessment: High risk of identity theft, medical fraud, and privacy harm. Primary care data can also support treatment-themed phishing and insurance scams.
Breach Impact
The institutional impact on Arkansas Primary Care is significant relative to the practice's size as a small regional primary-care clinic. Federal HIPAA notification obligations, an Office for Civil Rights review, Arkansas attorney-general filings, and emerging class-action litigation discussions are all underway. INC Ransom's listing of the practice and threatened publication of the stolen 15 GB dataset creates direct evidence of broad data exposure. As a small independent practice with limited cybersecurity budget and staffing, Arkansas Primary Care faces operational and financial challenges in remediation and litigation that are typical of small healthcare providers. The reputational impact is concentrated within the Little Rock primary-care market, where the breach may affect patient retention.
About Arkansas Primary Care
Arkansas Primary Care Clinic, PA is a primary-care medical practice based in Little Rock, Arkansas, providing routine and family medical services to patients across central Arkansas. The clinic operates as a roughly 30-employee independent practice with approximately $6.8 million in annual revenue, typical of a regional primary-care operation. Services include general primary care, preventive medicine, routine examinations, and management of common chronic conditions. As a HIPAA-regulated primary-care provider, Arkansas Primary Care maintains patient identity, contact, insurance, billing, appointment, and clinical records across its routine medical-service workflows, alongside diagnosis, treatment, and prescription information typical of a primary-care relationship that often spans many years.
Why They Hold Your Data
Primary care clinic networks collect patient identity, contact, insurance, billing, appointment, and clinical records across routine medical-service workflows.
Recent Developments
Arkansas Primary Care was attacked by the INC Ransom ransomware group in late April 2025. The attackers claimed to have exfiltrated approximately 15 GB of data before deploying ransomware on the clinic's systems and subsequently listed the practice on the INC Ransom dark-web leak site. The breach was indexed by breach-tracking services in early July 2025. Class-action investigations by U.S. plaintiff law firms began organizing in mid-2025 following the initial disclosure. INC Ransom has been an active ransomware-as-a-service operation throughout 2024 and 2025 with multiple healthcare-sector victims, including Mount Rogers Community Services Board.
Data Points Exposed
4 verified field types
Email Address
Phone Number
Physical Address High
Social Security Number Critical
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Exploitation & Downstream Threats
Threat Activity:High
Primary downstream threats:
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat vectors:
- Phishing, credential stuffing & account takeover
- SIM swapping, vishing & SMS phishing
- Physical stalking, mail fraud & identity verification
- Home targeting, stalking & physical threat
- Full identity theft & synthetic identity fraud
Threat Actor: INC Ransom
INC Ransom
Ransomware
Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware.
Recommended Actions
If you believe your information may be included:
Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
Frequently Asked Questions
What happened in the Arkansas Primary Care breach?▾
Arkansas Primary Care Clinic, PA, a primary-care medical practice in Little Rock, Arkansas, suffered a ransomware attack in late April 2025 carried out by the INC Ransom ransomware-as-a-service group. The attackers claimed to have exfiltrated approximately 15 gigabytes of data before deploying…
What data was exposed?▾
Verified fields include Email Address, Phone Number, Physical Address, Social Security Number.
What should I do if I was affected?▾
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Sources & References
Every claim on this page is traceable. This breach draws on:
Breach Index
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Protect Yourself
Check If You're Affected
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
High-Risk? Get an Exposure Audit
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation