Senior care and healthcare management consulting firm.
Health Dimensions Group, a Minneapolis-based senior-care management and consulting firm, suffered a ransomware attack attributed to the WorldLeaks group, discovered November 6, 2025 (access ~October 31-November 17, 2025). A file review completed March 2, 2026 determined 450 individuals were affected. Exposed data included names, addresses, dates of birth, Medicare numbers, medical record numbers, start-of-care and certification dates, provider names/addresses, advance-directive types, diagnoses/health status, medication lists, and treatment orders/goals. (NOTE: the prior record listed ~94,084 affected and Social Security numbers; the official notification confirms only 450 individuals and lists Medicare numbers, not SSNs - corrected.)
ObscureIQ assessment: High risk because the firm may sit inside sensitive care and operational data flows. Exposure can enable medical fraud, provider impersonation, and targeting of vulnerable healthcare populations.
Although the confirmed affected population is small (about 450), the exposed data is unusually rich clinical and care-planning information for an elderly, vulnerable population, Medicare numbers, medical record numbers, diagnoses/health status, medication lists, treatment orders, and advance directives. This enables medical identity fraud, Medicare/insurance abuse, and highly targeted scams against seniors and their families, with severe privacy sensitivity per affected individual.
Health Dimensions Group (HDG) is a Minneapolis, Minnesota-based senior-living and senior-care management and consulting firm that operates and advises skilled-nursing, assisted-living, and post-acute/home-health programs. As a manager and consultant embedded in care operations, it holds resident/patient clinical, Medicare, and care-planning records alongside facility and staffing data.
Healthcare consulting and management firms collect client, facility, resident, patient, staffing, and operational records across advisory, compliance, and healthcare-management workflows.
HDG discovered a ransomware incident on November 6, 2025 (unauthorized access ~October 31-November 17, 2025), attributed to the WorldLeaks group. A file review completed March 2, 2026 determined the incident affected 450 individuals (including 1 Maine resident). HDG notified affected individuals and implemented additional security measures.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.
If you believe your information may be included:
Health Dimensions Group, a Minneapolis-based senior-care management and consulting firm, suffered a ransomware attack attributed to the WorldLeaks group, discovered November 6, 2025 (access ~October 31-November 17, 2025). A file review completed March 2, 2026 determined 450 individuals were…
Verified fields include Date of Birth, Full Name, Government ID, Medical Diagnosis, Medical Record Number, Medication, Physical Address, Treatment Information.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation