In January 2026, telehealth infrastructure firm OpenLoop Health suffered a security breach that exposed information of 716,000 people.
OpenLoop Health confirmed a January 2026 cyberattack that exposed personal information of 716,000 individuals using its telehealth services. The breach was reported to authorities in March, but the full scope was only recently determined.
Threat actors exfiltrated user data from the company’s systems during the intrusion, affecting hundreds of thousands of patients.
OpenLoop discovered on January 7, 2026, that hackers accessed and stole data from some of its systems. With help from cybersecurity experts, the company investigated the incident and confirmed the unauthorized access took place between January 7 and 8, 2026.
“On January 7, 2026, OpenLoop learned that an unauthorized third party had gained access to certain OpenLoop systems and removed certain information. Upon discovery, OpenLoop, with the assistance of external cybersecurity specialists, launched an investigation to determine the nature and scope of the incident and to confirm that the unauthorized access had been terminated.” reads the data breach notification letter. “The investigation determined that the unauthorized access occurred from January 7 to January 8, 2026”
The company states that the incident did not involve access to customers’ electronic health record, Social Security number, or financial account information.
The company did not disclose technical details about the security incident, but a hacker known as Stuckin2019 claimed responsibility for the breach and said they stole data belonging to 1.6 million patients, sharing samples as proof.
OpenLoop said it quickly investigated the breach, stopped the unauthorized access, and worked with federal law enforcement and cybersecurity experts to strengthen its defenses.
The company said it has no evidence that stolen personal information has been misused so far. As a precaution, affected individuals can enroll in a free one-year IDX identity and credit monitoring service that includes credit monitoring, fraud support, and identity restoration assistance.
The US Department of Health and Human Services’ breach portal only updated this week to include the number of impacted individuals.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
