Healthcare & More Data Breach Exposes Internal Orders, Patient Equipment Records, and Business Files

The Healthcare & More data breach has been listed on the DragonForce ransomware group’s leak portal, signaling a major cyberattack on a U.S. based medical equipment and healthcare products supplier. On November 22, 2025, DragonForce announced that it had exfiltrated sensitive data from Healthcare & More, a distributor serving clinics, healthcare facilities, assisted living centers, home care providers, and individuals across the country. Early indications suggest that the attackers obtained internal documents, customer order histories, product distribution records, billing information, and business operations data. The Healthcare & More data breach raises serious concerns due to the company’s involvement in supplying medical equipment used in clinical environments and patient care.

Healthcare & More operates as a key distributor of medical supplies, wellness products, elder care items, therapeutic equipment, and clinical accessories. The company serves a broad base of clients including rehabilitation centers, clinics, home health providers, medical retailers, and assisted living facilities. Because these clients depend on reliable and secure order processing systems, the Healthcare & More data breach may affect sensitive information connected to patient equipment orders, facility procurement, insurance handling, and internal logistics.

DragonForce’s involvement confirms the severity of the intrusion. The group is known for targeting companies across the healthcare supply chain, including distributors, durable medical equipment providers, medical billing processors, and healthcare support vendors. Once a company appears on the DragonForce leak site, it typically means the attackers have already exfiltrated large quantities of data and may begin releasing samples unless ransom demands are met. The Healthcare & More data breach aligns with this pattern, and the potential exposure of healthcare related operational data poses significant downstream risks to multiple facility types and patient support networks.

Background on Healthcare & More

Healthcare & More specializes in a wide range of medical equipment and consumer health products, including mobility devices, braces, rehabilitation tools, home medical supplies, therapeutic supports, and senior care essentials. The company’s clients depend on accurate fulfillment of product orders and secure handling of equipment records. These records may include delivery addresses, billing information, product specifications, service notes, and documentation used in patient support workflows.

The Healthcare & More data breach raises concerns because medical distributors often maintain detailed records of customer purchases, equipment types, product categories, warranty documents, replacement part requirements, and customer service interactions. While Healthcare & More is not a hospital or direct care provider, the nature of its business means that attackers may have gained access to sensitive medical equipment purchasing data and logistics information that can reveal patient needs or facility operations.

DragonForce Ransomware Group Activity

DragonForce has increasingly targeted companies tied to healthcare infrastructure in 2025. The group focuses on organizations with high commercial value, large product inventories, and extensive customer data. Healthcare supply distributors have become frequent targets due to their reliance on digital ordering systems, shipping documentation, invoicing workflows, and internal administrative platforms.

The listing of the Healthcare & More data breach on the DragonForce portal suggests that attackers obtained access to backend systems used for inventory management, product fulfillment, account billing, and support operations. DragonForce commonly publishes partial data samples before releasing full archives, meaning that additional files may appear publicly if ransom negotiations fail.

Potential Data Exposed in the Attack

The Healthcare & More data breach may include a broad range of internal business and customer related information. Medical supply distributors often store:

• Customer names, delivery addresses, emails, and phone numbers
• Order histories for medical devices, equipment, and supplies
• Invoices, receipts, and payment records
• Supplier contracts and distribution agreements
• Internal inventory spreadsheets and product catalog documentation
• Shipping logs and order tracking data
• Customer service notes and support communications
• Employee files, payroll documents, and HR records
• Internal emails containing business operations information

While Healthcare & More is not obligated to store protected health information under hospital level requirements, the products distributed by the company may still reveal medically relevant details about customers and facilities. The Healthcare & More data breach may expose patient equipment orders that could indicate health conditions, assistance needs, or home care arrangements.

Risks to Clinics, Assisted Living Facilities, and Home Care Providers

The Healthcare & More data breach may create multiple downstream risks for organizations that rely on the company for medical supplies. Healthcare distributors often serve as essential intermediaries between manufacturers and care providers. Exposure of distribution data may allow attackers to:

• Launch targeted phishing against healthcare facilities
• Exploit procurement workflows using forged invoices
• Impersonate distributors requesting payment or delivery confirmation
• Target vulnerable patient households involved in home medical care
• Manipulate equipment replacement schedules with fraudulent notices

Healthcare phishing campaigns frequently use real product information to appear legitimate. If attackers obtained detailed order histories, they may attempt to contact facilities or individuals using accurate product names, SKU numbers, or support notes.

Operational Impact on Healthcare & More

The Healthcare & More data breach may force the company to isolate certain systems, rebuild internal servers, and verify the integrity of data used for order fulfillment and logistics coordination. Depending on the level of compromise, the company may need to:

• Reset employee credentials and access privileges
• Audit inventory and fulfillment systems for unauthorized changes
• Review financial data for tampering or potential fraud
• Check communication systems for compromised accounts
• Rebuild or patch affected administrative platforms

Even if distribution operations remain active, temporary delays may occur during forensic review, system restoration, and security hardening efforts.

Regulatory and Legal Considerations

The Healthcare & More data breach may trigger legal obligations under U.S. state data protection frameworks. While the company is not a covered entity under HIPAA, exposure of certain order histories may still carry legal or ethical implications if those orders can be linked to identifiable individuals and sensitive medical conditions.

In addition, compromised financial records and billing data may require notification to customers depending on state statutes. Organizations that rely on Healthcare & More for equipment procurement may also face compliance concerns if supply chain documentation was exposed.

Secondary Cyber Threats for Customers

DragonForce often leverages stolen business documentation for secondary attacks. The Healthcare & More data breach may lead to:

• Fake equipment replacement requests
• Fraudulent shipping notices referencing accurate product names
• Altered invoices sent to clinics, facilities, or households
• Social engineering attacks targeting support staff at healthcare centers
• Phishing campaigns impersonating customer service representatives

Care providers must treat any unexpected communication referencing past orders or support tickets with heightened caution until more information is available.

Recommended Actions for Customers and Facilities

Clinics, facility managers, and home healthcare providers working with Healthcare & More should take immediate steps to mitigate the risks associated with the Healthcare & More data breach. Recommended actions include:

• Verify invoices, order updates, and delivery confirmations through direct phone contact
• Monitor for phishing attempts referencing specific equipment or past orders
• Audit financial accounts for suspicious supplier related activity
• Update passwords for procurement or vendor communication portals
• Ensure staff are aware of potential impersonation attempts

Users are also encouraged to scan devices with trusted anti malware tools like Malwarebytes to detect infections related to phishing campaigns connected to the Healthcare & More data breach.

Long Term Implications for Healthcare Supply Distributors

The Healthcare & More data breach reflects an increasing trend of ransomware groups targeting medical distributors and healthcare support businesses. These companies are deeply embedded in the supply chain and often store large volumes of sensitive operations data without the hardened infrastructure of hospitals or large medical networks.

This incident may push distributors across the healthcare sector to adopt stronger cybersecurity frameworks, enhance vendor authentication systems, encrypt internal inventory data, and harden administrative tools used for order fulfillment and customer support.

For verified coverage of major data breaches and the latest cybersecurity threats, visit BotCrawl for trusted reporting and expert analysis.