Precipio Data Breach Exposes 150 GB of PHI and PII

Precipio, Inc., a healthcare diagnostics company specializing in cancer testing, recently experienced a data breach involving sensitive patient information.

On Nov. 25, 2026, Precipio discovered that an unauthorized user had accessed an employee’s cloud-based storage account. Following an investigation with third-party cybersecurity experts, it was determined that the unauthorized access occurred on or around Nov. 23, 2025. During this incident, certain files were copied without authorization

The ransomware group INC RANSOM claimed responsibility, stating they had obtained 150 GB of Precipio’s data. The group posted about the attack on Dec. 2, 2025, via their network on Tor, indicating that the breach was part of a targeted ransomware campaign.

The compromised files contained a range of personally identifiable information (PII) and protected health information (PHI), including names, addresses, medical record numbers, dates of birth, clinical or treatment details, medical procedure information, medical provider names, prescription information and health insurance information. The specific data exposed varies by individual.

While the exact number of affected individuals has not been disclosed, the breach is considered severe due to the nature of the information involved and the method of access.

A notice of the incident was posted to Precipio website.

Precipio's response

Precipio acted to secure the affected account and launched a thorough investigation with the help of cybersecurity specialists. The company also notified federal law enforcement.

As part of their response, Precipio is conducting an extensive review of the compromised files to determine exactly what information was involved and to identify all affected individuals. They have committed to providing further notifications as more details become available.

The company encourages affected individuals to remain vigilant against identity theft and fraud by monitoring account statements and reviewing free credit reports for suspicious activity. Federal law entitles all consumers to one free credit report annually from each of the three major bureaus: Equifax, Experian and TransUnion.

Additional steps such as placing a fraud alert or a credit freeze on credit files are also recommended, especially in light of the sensitive nature of the information exposed.

For those who may be impacted, Precipio has set up a dedicated assistance line at 917-664-7071, available Monday through Friday from 9 a.m. to 5 p.m. Eastern time, excluding holidays.