THREATNOIR
Subscribe
Back to Feed
BreachesMay 7, 2026

US Non-Emergency Medical Transport Network Allegedly Breached Exposing 500K+ Patient Records and Live Admin Access

US NEMT platform breached; threat actor sells live admin access, 500K+ patient records, and source code.

Read at source

Summary

A threat actor claims to have breached a major US Non-Emergency Medical Transportation (NEMT) platform and is selling live, authenticated admin panel access alongside 500,000+ patient records and the underlying source code. The compromise includes the ability to create fake provider accounts, manipulate ride assignments, and access a network of 200+ subcontractors integrated with Lyft and Uber Health. The listing represents operational control rather than a static data dump, posing immediate risk to patient safety, privacy, and service integrity.

Full text

Breach Report · United States US Non-Emergency Medical Transport Network Allegedly Breached Exposing 500K+ Patient Records and Live Admin Access A threat actor claims to be selling live, authenticated admin panel access to a major US Non-Emergency Medical Transportation (NEMT) platform, advertising real-time control over operations rather than a static dump. The listing includes 500,000+ patient records, the ability to create fake provider accounts and spawn ride assignments, and access to a 200+ subcontractor network reportedly integrated with Lyft and Uber Health, with the source code of the underlying “Smart-Data-Hub” codebase included. Post details Actor(s)boltak SectorHealthcare / Medical transportation (NEMT) TypeAccess Sale (live admin) + Data Sale + Source Code FormatWeb admin panel access, 500K+ records, full codebase PriceNegotiable (open to offers) Records500,000+ patients CountryUnited States Date07/05/2026 Compromised data and capabilities Live admin dashboard with operational control Provider creation (registering fake companies to receive real ride assignments) Patient demographic data and full PII SSNs Insurance details (Medi-Cal and others) Sensitive medical records 200+ subcontractor network access (Lyft, Uber Health integrations) Active trips, driver assignments, billing details Trip “completion” and invoice generation without service Source code of Smart-Data-Hub backend Competitive intelligence on routes and pricing across 200+ competitors Screenshots 01 02 Want the non-blurred screenshots? Subscribe and check out the threat feed section. darkwebinformer.com/pricing

Indicators of Compromise

  • malware — Smart-Data-Hub

Entities

boltak (threat_actor)Smart-Data-Hub (product)Non-Emergency Medical Transportation (NEMT) Platform (technology)Lyft (vendor)Uber Health (vendor)