Cherry Health Ransomware Attack and Data Breach – Veri Sızıntısı
Live
Search
Company
About Founder's Note Press & Media Privacy Policy Terms of Service FAQ Brand Kit
Products
HUBOne HUBCorp Coming Soon Veri Sızıntısı Android Coming Soon Veri Sızıntısı iOS Coming Soon Veri Sızıntısı Huawei Coming Soon Breach Radar Argus Flow Argus Engine LivePlatform
Technologies
What is Argus AI? Try on HUBOne What is Argus Flow? What is Argus Engine?
Blog Contact

Cherry Health Targeted by Rhysida Ransomware Attack

Healthcare provider Cherry Health is experiencing major service disruptions following a cyberattack claimed by the Rhysida ransomware group. The attackers allege the theft of 250 GB of sensitive patient and employee data.

Cherry Health Targeted by Rhysida Ransomware Attack

Summary of the Incident

Michigan-based healthcare provider Cherry Health has been facing technical issues since April 19, 2026, causing significant disruptions to its services. While the company has not officially confirmed it as a cyberattack, the Rhysida ransomware group has claimed responsibility. On its dark web leak site, Rhysida announced a 7-day auction for data allegedly stolen from Cherry Health.

Ransomware is a type of malicious software where cybercriminals encrypt a victim's files, blocking access, and demand a payment (ransom) to release them. The Rhysida group threatens to sell the data to the highest bidder or publish it publicly if the ransom is not paid.

Leaked Data

As proof of the attack, Rhysida has published several screenshots. According to this evidence, the allegedly exfiltrated 250 GB dataset contains highly sensitive information, including:

Has your email been leaked? Check for free — results in seconds.

Check Now →
  • Patient Information: Names, dates of birth, Social Security Numbers (SSNs), addresses, and various medical records.
  • Employee Information: Social Security Numbers (SSNs), tax forms, and other personal employee data.
  • Corporate Data: Company financial documents and licenses.

The exposure of such information carries serious risks, including identity theft and fraud. Affected individuals can check if their data was compromised using a Data Breach Search tool.

What Should Affected Users Do

Although Cherry Health has not yet issued an official data breach notification, it is crucial for patients and employees to be cautious. Potential victims are advised to monitor their bank accounts and credit reports regularly, be wary of suspicious emails and messages (phishing attacks), and update their passwords. It is important to follow official announcements from Cherry Health and reliable Data Breach News sources for updates.

Kaynak

https://databreaches.net/2026/04/27/127254/?pk_campaign=feed&pk_kwd=127254

Share This Article
X LinkedIn WhatsApp
← Previous Post Japanese Firms Pay Ransom But 60% Fail to Recover Data Next Post → PowerSchool Breach May Hold Private Equity Owner Accountable

Weekly Newsletter

Curated data breach news delivered to your inbox every week.