Arkansas Primary Care Data Breach (2025): Patient Social Security Number & Home Address Exposed | ObscureIQ
ObscureIQ Breach Intelligence
Arkansas Primary Care
High Severity Medical

Arkansas Primary Care Data Breach

Arkansas Primary Care Clinic Breach (2025): Patient Social Security Number & Home Address Exposed

Primary care medical practice.

Verified by ObscureIQ Intelligence
15.0Breach Risk Index
27Data Value
40Market Recency
299dSince Breach

Breach Intelligence Summary

Entity: Arkansas Primary Care · Actor: INC Ransom · Source: DataBreach.com / ObscureIQ intelligence
Attack: Ransomware (data exfiltration + extortion) with threatened publication of stolen data
Timeline: Breach (Apr 24, 2025) · Indexed (Jul 2, 2025) · Year (2025)
Exposure: ~26,000 records · 4 fields: Social Security Number, Home Address, Email Address, Phone Number
Status: Confirmed · Risk: High (identity theft + medical fraud)

Threat Actor: INC Ransom

INC Ransom
Ransomware-as-a-Service · aka INC Ransomware

INC Ransom is a ransomware-as-a-service operation known for double-extortion: exfiltrating data before encryption and threatening to publish it on a dark-web leak site unless paid. The group listed Arkansas Primary Care and threatened release of an ~15 GB dataset.

Typical tradecraft:
  • Initial access via phishing, exposed credentials, or unpatched edge devices
  • Data exfiltration prior to encryption
  • Leak-site listing and countdown to pressure payment
  • Publication of stolen data when demands are not met

Executive Summary

Arkansas Primary Care Clinic, PA, a primary-care medical practice in Little Rock, Arkansas, suffered a ransomware attack in late April 2025 carried out by the INC Ransom ransomware-as-a-service group. The attackers claimed to have exfiltrated approximately 15 gigabytes of data before deploying ransomware, then listed the practice on their dark-web leak site and threatened to publish the stolen data unless ransom demands were met. The breach was indexed by breach-tracking services in early July 2025.

The breach affected approximately 26,000 individuals based on records indexed by breach-tracking services. Compromised fields included Social Security numbers, email addresses, phone numbers, and home addresses. As a primary-care clinic, the underlying records also include patient identity, insurance, billing, clinical, and treatment information typical of a long-term care relationship.

For affected patients, the combination of name, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Patients should freeze credit at all three U.S. bureaus, monitor health-insurance statements for unfamiliar charges, and treat unsolicited contact referencing the clinic with caution.

ObscureIQ assessment: SSN paired with home address is the most dangerous combination here — it enables synthetic identity construction that can persist for years.

About Arkansas Primary Care

Arkansas Primary Care Clinic, PA is a primary-care medical practice based in Little Rock, Arkansas, providing routine and family medical services to patients across central Arkansas. It operates as a roughly 30-employee independent practice typical of a regional primary-care operation.

If you were a patient, scheduled an appointment, or submitted insurance or billing information to Arkansas Primary Care, your data may be included.

Breach Exploitation Status

Threat Activity:High
SignalStatus
Dark web / breach-channel circulationDetected
Breach-index indexingDetected
Medical & identity fraud relevanceHigh
Credential stuffing overlapPossible
Law enforcement final scopeUnknown
Data Longevity:Years-long identity risk

Social Security numbers and home addresses do not change like passwords — they remain useful to fraud workflows for years.

Data Points Exposed

4 verified field types
Social Security Number Critical
Home Address High
Email Address
Phone Number

Field names are shown in full (e.g. “Social Security Number”) for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Dark Web Verification

Status: Confirmed

  • Dataset containing ~26K records identified in breach intelligence sources
  • Data indexed and searchable across breach notification platforms
  • Source: arkansasprimarycare-com-2025

Impact

Primary downstream threats:
  • Identity theft and synthetic identity construction using SSNs
  • SIM-swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure
  • Medical and insurance fraud referencing real provider relationships

Recommended Actions

If you believe your information may be included:

Freeze Your Credit
Place a freeze with Equifax, Experian, and TransUnion — the single most effective step against SSN-driven fraud.
Expect Targeted Phishing
Watch for messages referencing this breach or your clinic. Verify through official channels only.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial and insurance portals.
Monitor Accounts
Review insurance statements and credit activity for unfamiliar charges or new accounts.

Frequently Asked Questions

What happened in the Arkansas Primary Care data breach?

In April 2025, the INC Ransom group exfiltrated data and threatened to publish it. Breach services indexed roughly 26,000 affected individuals in July 2025.

What data was exposed?

Verified fields include Social Security Number, home address, email address, and phone number. Underlying clinical and insurance records may also have been taken.

What should affected patients do?

Freeze your credit at all three bureaus, enable MFA, monitor insurance and financial statements, and treat unsolicited contact referencing the clinic with caution.

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation

Classification Tags

INC Ransom Ransomware Data Exfiltration Healthcare Primary Care Social Security Number Home Address Email Phone