Incident Overview

A threat actor going by NetRunnerPR claims to have breached the network of Shiraume Hospital (白梅病院) in Japan and extracted patient PII along with full medical records. The actor has announced that the complete database will be released on March 5, 2026, and has posted an extensive list of data columns as proof of the breach.

The leaked field names paint a deeply concerning picture of the data involved. Patient records appear to include physical measurements (height, weight), allergy information, and infection statuses for serious conditions including Hepatitis B, Hepatitis C, HIV, MRSA, tuberculosis, CJD (Creutzfeldt-Jakob disease), and VRE. The dataset also contains detailed emergency contact information for up to three family members per patient, including names, ages, relationships, addresses, postal codes, and multiple phone numbers.

Beyond medical and contact data, the breach reportedly includes financial and insurance information such as bank names, branch codes, account numbers, account types, and billing claim details. Treating physician names, department codes, hospital codes, diagnosis information, and insurance coverage fields are also listed among the extracted columns.