Ransomware victim disclosure
← All victimsClaimlinx
Claimed by Genesis · listed 9 months ago
Status timeline
- ListedOct 21, 2025
- Data leakeddate unknown
At a glance
- Group
- Genesis
- Status
- Data leaked
- Country
- United States
- Sector
- Healthcare
- Listed on leak site
- Oct 21, 2025
About the victim
AI dossier — public-source company profileClaimLinx is a U.S.-based company that provides administrative, care management, and healthy lifestyle services to employers with self-funded, group health care plans. Operating as a third-party administrator (TPA), it manages health benefit programs on behalf of self-insured employers. The company is based in the United States and serves clients in the employer-sponsored healthcare benefits market.
- Industry
- Healthcare Benefits Administration & Third-Party Administration (TPA)
- Employees
- 11-50
Attack summary
Severity: critical — ClaimLinx administers self-funded group health care plans, meaning exfiltrated data almost certainly contains regulated health and personal information (PHI/PII) about plan members at scale, qualifying as a critical healthcare data breach under HIPAA. Data has been published, confirming exfiltration.The Genesis ransomware group claims to have exfiltrated data from ClaimLinx and has published the data on their darknet leak site. The disclosed status indicates the data has been published, though no specific ransom amount or data volume was stated.
Data the group says was taken
AI dossier — extracted from the leak post- Employer health plan records
- Employee/member personal information (PII)
- Care management records
- Administrative and billing data
- Health plan enrollment data
What the group claims
A provider of health insurance benefits for the businesses
The leak post
captured from the group's siteA global leader in the provision of Marine Claims TPA and Recovery services. ## Ben F. Barcus and associates pllc A law firm from Tacoma, WA. [Ben F. Barcus and associates pllc](http://genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion/72daf8151f038f9399f8/) Conducting training sessions, engaging with stakeholders, and organizing meetings and events. A civil engineering and surveying firm located at 570 Congress Park Dr, Dayton, Ohio. A legal firm dedicated to safeguard the rights of its clients ## The American Board of Preventive Medicine [The American Board of Preventive Medicine](http://genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion/5fbef11c89ddb34c6e90/) ## Integrated Process Engineers & Constructors. Specializes in custom modular process systems, offering a wide range of products including bioreactors, filtration systems, and utility stations. [Integrated Process Engineers & Constructors.](http://genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion/6ada59560a7932d5b3df/) ## Fargo Moorhead West Fargo Chamber [Fargo Moorhead West Fargo Chamber](http://genesis6ixpb5mcy4kudybtw5op2wqlrkocfogbnenz3c647ibqixiad.onion/824f0a1581059760e9d3/) CareP…
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

