Hematology Oncology Consultants 2025 Data Breach
ObscureIQ Breach Intelligence
High SeverityWebsite / service breach
Hematology Oncology Consultants Cancer Specialty Breach (2025): Patient SSN & Contact Records Exposed
Medical practice specializing in blood disorders and cancer care.
Verified by ObscureIQ Intelligence
88/100Breach Risk Index
27Data Value
60Market Recency
132dSince Breach
Breach Intelligence Summary
Entity: Hematology Oncology Consultants · Actor: Rhysida · Sources: 2 references
Attack: Unknown
Profile: Healthcare provider · Cancer treatment and specialty care · Oncology clinic network · USA
Timeline: Breach (2025-10-17) · Indexed (Dec 16, 2025) · Year (2025)
Exposure: 63K records · 4 fields: Email Address, Phone Number, Physical Address, Social Security Number
Status: Reported
Executive Summary
Hematology Oncology Consultants, a Michigan-based private practice specialising in hematology and oncology care, was named on October 17, 2025 as a victim of the Rhysida ransomware operation. The threat actor listed the practice on its dark-web leak site, although the listing as observed contained limited public detail beyond the attribution itself. The breach was subsequently surfaced and reported by dark-web monitoring services in mid-December 2025.\n\nThe breach affected approximately 63,000 individuals. Compromised fields included email addresses, phone numbers, home addresses, and Social Security numbers. As a hematology and oncology specialty practice, the underlying records exfiltrated by the attackers also include cancer and blood-disorder diagnostic, treatment, billing, and insurance information typical of an oncology specialty clinic. Public disclosure has emphasised the identity-data subset, while the broader medical-record exposure aligns with patterns observed in comparable oncology breaches.\n\nFor affected patients, the practical risk profile combines severe identity-fraud exposure with cancer-treatment-specific risks. The combination of name, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms the existence of an oncology or hematology care relationship, which can support medical-themed scams referencing real treatments, infusion appointments, or insurance claims. Cancer patients are unusually attractive targets for emotionally manipulative phishing because their care relationships are often emotionally charged and high-frequency. Affected individuals should freeze credit at all three U.S. bureaus, monitor health-insurance explanation-of-benefits statements for unfamiliar charges, and treat any unsolicited contact referencing the practice, oncology treatment, or insurance verification with extreme caution.
ObscureIQ assessment: Extremely sensitive. Exposure enables identity theft, medical fraud, and serious privacy harm tied to cancer treatment status, which can also support coercive or emotionally targeted scams.
Breach Impact
The institutional impact on Hematology Oncology Consultants is meaningful given the small size of the practice relative to the breach's scope. Federal HIPAA notification obligations, state attorney-general filings, and active U.S. plaintiff class-action investigations create a substantial compliance and litigation pipeline. Comparable oncology breaches such as the South Texas Oncology and Hematology incident, which settled for $1.075 million, suggest the likely cost trajectory for cancer-care practices facing similar lawsuits. Operationally, the practice continues to provide patient care. Reputational exposure is concentrated within the Michigan oncology market and within the broader specialty-care community where breach handling has become a procurement filter for referring providers and insurers.
About Hematology Oncology Consultants
Hematology Oncology Consultants is a U.S.-based private medical practice based in Michigan, specializing in hematology and oncology care for patients with blood disorders and cancer. The practice operates within a specialty-clinic model focused on outpatient cancer treatment, blood-disorder management, infusion services, and supporting care. As a HIPAA-regulated healthcare provider, the practice holds substantial volumes of protected health information including patient identity, contact, insurance, billing, diagnostic, and treatment records relating to cancer and hematological conditions. The patient base typically maintains long-term care relationships given the chronic nature of many oncology and hematology conditions.
Why They Hold Your Data
Oncology practices collect highly sensitive patient identity, insurance, billing, appointment, and cancer-treatment records across specialty care operations.
Recent Developments
Hematology Oncology Consultants was named on October 17, 2025 as a victim of the Rhysida ransomware operation, which listed the practice on its dark-web leak site. The breach was independently reported by dark-web monitoring services and breach-tracking aggregators. U.S. plaintiff law firms began organizing class-action investigations following the December 15, 2025 surfacing of the data on dark-web monitoring sites. The practice has not publicly released a detailed statement characterising the incident as of this writing. The Rhysida group has been active in healthcare-sector ransomware throughout 2025 and 2026, with multiple specialty-clinic and hospital victims.
Data Points Exposed
4 verified field types
Email Address
Phone Number
Physical Address High
Social Security Number Critical
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Exploitation & Downstream Threats
Threat Activity:High
Primary downstream threats:
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat vectors:
- Phishing, credential stuffing & account takeover
- SIM swapping, vishing & SMS phishing
- Physical stalking, mail fraud & identity verification
- Home targeting, stalking & physical threat
- Full identity theft & synthetic identity fraud
Threat Actor: Rhysida
Rhysida
Unknown
Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.
Recommended Actions
If you believe your information may be included:
Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
Frequently Asked Questions
What happened in the Hematology Oncology Consultants breach?▾
Hematology Oncology Consultants, a Michigan-based private practice specialising in hematology and oncology care, was named on October 17, 2025 as a victim of the Rhysida ransomware operation. The threat actor listed the practice on its dark-web leak site, although the listing as observed contained…
What data was exposed?▾
Verified fields include Email Address, Phone Number, Physical Address, Social Security Number.
What should I do if I was affected?▾
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Sources & References
Every claim on this page is traceable. This breach draws on:
Breach Index
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Protect Yourself
Check If You're Affected
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
High-Risk? Get an Exposure Audit
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation