Breach Report · United States
US Non-Emergency Medical Transport Network Allegedly Breached Exposing 500K+ Patient Records and Live Admin Access
A threat actor claims to be selling live, authenticated admin panel access to a major US Non-Emergency Medical Transportation (NEMT) platform, advertising real-time control over operations rather than a static dump. The listing includes 500,000+ patient records, the ability to create fake provider accounts and spawn ride assignments, and access to a 200+ subcontractor network reportedly integrated with Lyft and Uber Health, with the source code of the underlying “Smart-Data-Hub” codebase included.
Post details
Actor(s)boltak
SectorHealthcare / Medical transportation (NEMT)
TypeAccess Sale (live admin) + Data Sale + Source Code
FormatWeb admin panel access, 500K+ records, full codebase
PriceNegotiable (open to offers)
Records500,000+ patients
CountryUnited States
Date07/05/2026
Compromised data and capabilities
- Live admin dashboard with operational control
- Provider creation (registering fake companies to receive real ride assignments)
- Patient demographic data and full PII
- SSNs
- Insurance details (Medi-Cal and others)
- Sensitive medical records
- 200+ subcontractor network access (Lyft, Uber Health integrations)
- Active trips, driver assignments, billing details
- Trip “completion” and invoice generation without service
- Source code of Smart-Data-Hub backend
- Competitive intelligence on routes and pricing across 200+ competitors
Screenshots
Want the non-blurred screenshots? Subscribe and check out the threat feed section. darkwebinformer.com/pricing
