North Country HealthCare 2025 Data Breach

North Country HealthCare - DISPUTED: Stormous Ransomware Claim Fabricated (No Confirmed Breach, 2025) | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

StormousMedicalN/A
High SeverityWebsite / service breach

North Country HealthCare - DISPUTED: Stormous Ransomware Claim Fabricated (No Confirmed Breach, 2025)

North Country HealthCare - Federally Qualified Health Center (FQHC) network in Arizona.

Verified by ObscureIQ Intelligence
77/100Breach Risk Index
40Data Value
40Market Recency
358dSince Breach

Breach Intelligence Summary

Entity: North Country HealthCare · Actor: Stormous (FALSE/FABRICATED CLAIM - no breach occurred) · Sources: 2 references
Attack: Unknown
Profile: Healthcare Provider · Community health and primary care services · Federally Qualified Health Center · USA
Timeline: Breach (2025-07-13) · Year (2025)
Exposure: FABRICATED CLAIM records · 1 fields: N/A
Status: Fabricated

Executive Summary

DISPUTED / FABRICATED - NO CONFIRMED BREACH. In mid-July 2025, the Stormous ransomware group claimed to have stolen PII/PHI on approximately 600,000 North Country HealthCare (an Arizona FQHC) patients and threatened to sell or publish it. North Country HealthCare investigated with internal teams and independent cybersecurity experts and confirmed the claim was FALSE: no breach occurred and the posted data was fabricated (inconsistent gender information, addresses that could not be verified). This record should NOT be published as a breach; the ~500,000/600,000 figures are fabricated and unassociated with NCHC systems.

ObscureIQ assessment: Severe risk of identity theft, medical fraud, and privacy harm. Community-health settings may also involve economically vulnerable populations who are easier to target with convincing scams.

Breach Impact

No confirmed breach occurred. The fabricated Stormous claim created reputational noise and patient concern but, per North Country HealthCare’s investigation and independent analysis, no genuine patient data was exposed. Any downstream risk is not substantiated.

About North Country HealthCare

North Country HealthCare is a nonprofit federally qualified health center (FQHC) network based in Flagstaff, Arizona, providing primary care, dental, behavioral-health, and community health services across rural and northern Arizona, largely to underserved populations.

Why They Hold Your Data

Federally Qualified Health Centers collect patient identity, contact, insurance, billing, appointment, and clinical records across community health and primary care services.

Recent Developments

In mid-July 2025 the Stormous ransomware group claimed on its leak site to have stolen data on roughly 600,000 North Country HealthCare patients. North Country HealthCare investigated with internal teams and independent cybersecurity experts and publicly confirmed the claim was FALSE and that no breach occurred; the posted data showed multiple indicators of fabrication, including inconsistent gender fields and unverifiable addresses.

Data Points Exposed

1 verified field types
N/A

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Disputed
Primary downstream threats:
  • None substantiated - the underlying breach claim was fabricated and debunked by North Country HealthCare and independent analysts.
Threat vectors:
  • N/A - fabricated claim (no confirmed breach)

Threat Actor: Stormous (FALSE/FABRICATED CLAIM - no breach occurred)

Stormous (FALSE/FABRICATED CLAIM - no breach occurred)
Unknown

Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.

Recommended Actions

If you believe your information may be included:

Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the North Country HealthCare breach?

DISPUTED / FABRICATED - NO CONFIRMED BREACH. In mid-July 2025, the Stormous ransomware group claimed to have stolen PII/PHI on approximately 600,000 North Country HealthCare (an Arizona FQHC) patients and threatened to sell or publish it. North Country HealthCare investigated with internal teams…

What data was exposed?

Verified fields include N/A.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation