MPOWERHealth Data Breach May Have Affected Over 55,000 Patients

MPOWERHealth, a Texas-based healthcare company providing clinical support to neuromusculoskeletal and orthopedic practices, experienced a major data breach. On Aug. 19, 2025, the hacking group Worldleaks claimed responsibility for the cyberattack. The incident was disclosed on a dark web forum accessible via the Tor network, and attackers allege they accessed and leaked sensitive company data..

It's likely the information exposed may include both personally identifiable information (PII) and protected health information (PHI). The total number of affected individuals has not been released but may include over 55,000 patients along with employees.

Compromised data could include names, contact information, dates of birth, Social Security numbers, health insurance information, medical records and billing or payment information. Worldleaks, is a known actor in the cybercriminal landscape and offered the data for download, making it accessible to other malicious actors.

MPOWERHealth's response

At this time, MPOWERHealth has not released an official public statement regarding the breach. The healthcare company has more than likely initiated a review to identify impacted individuals and will issue required state and federal disclosures in the near future.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from MPOWERHealth.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

For more information about the healthcare support company, visit the MPOWERHealth website.