Ransomware victim disclosure
← All victimsHealthcare Management Systems
Claimed by BianLian · listed 2 years ago
Status timeline
- ListedNov 8, 2024
- Data leakeddate unknown
At a glance
- Group
- BianLian
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Nov 8, 2024
About the victim
AI dossier — public-source company profileHealthcare Management Systems (HMS) is a software and services provider based in Napa, California, specializing in healthcare IT solutions. The company offers electronic health records (EHR), practice management systems, revenue cycle management, and related operational efficiency tools for healthcare providers.
- Industry
- Healthcare IT & Software Solutions
- Address
- Napa, California, United States
Attack summary
Severity: critical — Healthcare IT provider with likely access to patient data (EHR systems, medical records) and healthcare provider information. Exfiltration of such regulated healthcare data involving PII and protected health information (PHI) constitutes critical severity under healthcare data breach standards.BianLian claims to have exfiltrated data from Healthcare Management Systems. The group has published data as part of its disclosure, indicating a confirmed breach with data exfiltration.
Data the group says was taken
AI dossier — extracted from the leak post- Electronic health records (EHR)
- Practice management system data
- Revenue cycle management records
- Healthcare provider operational data
- Potentially patient information
What the group claims
Healthcare Management Systems (HMS) is a company that specializes in providing software solutions and services tailored for the healthcare industry. Based in Napa, California, HMS focuses on enhancing the operational efficiency of healthcare providers through its offerings, which may include electronic health records (EHR), practice management systems, revenue cycle management, and other healthcare IT solutions.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

