A threat actor is claiming to sell a database allegedly stolen from AgelessRx, a U.S.-based telehealth and longevity medicine platform, exposing what is described as highly sensitive patient and prescription-related data. The listing surfaced April 25, 2026, and remains unverified at time of publication.
Alleged dataset includes detailed patient and prescription records
According to the listing, the dataset contains a wide range of personally identifiable and medical information, including patient names, email addresses, dates of birth, physical addresses, and phone numbers. The actor also claims the database includes medical-specific data such as reported conditions, current medications, allergies, and prescription details.
Additional fields reportedly include prescriber information, including credentials and National Provider Identifier (NPI) numbers, along with pharmacy fulfillment data. If accurate, the scope of the dataset would extend beyond basic customer records into regulated healthcare information.
Healthcare data exposure raises elevated risk concerns
Data involving medical history and prescription information carries heightened risk compared to standard breaches due to its sensitivity and potential for misuse. Exposure of this type of information can enable targeted phishing, identity theft, insurance fraud, or other forms of exploitation involving both patients and healthcare providers.
Similar risks have been observed in a previously confirmed healthcare breach involving electronic health records, where sensitive patient data exposure created long-term security concerns. Additional incidents, including ransomware-linked patient data leaks, highlight the ongoing targeting of healthcare platforms.
Healthcare platforms, particularly telehealth services, have become increasingly attractive targets due to the centralized storage of patient records and prescription data. Unlike breaches involving credentials or payment data, exposure of medical information introduces long-term privacy and safety risks that extend beyond financial impact.
Threat actor credibility remains limited
The claim originates from a relatively low-volume threat actor with limited prior activity compared to more established groups. While the actor has previously posted alleged breaches involving organizations across multiple regions, there is no widely documented track record of confirmed large-scale compromises.
No technical evidence, system details, or independently verifiable material has been provided to support the claim, making it difficult to assess the authenticity or scale of the alleged breach.
No confirmation from AgelessRx
AgelessRx had not issued any public statement at time of publication regarding the alleged breach or the claims made by the threat actor.
As with similar listings, the situation remains fluid and dependent on whether data is released, independently verified, or addressed by the organization.
