Ransomware Group: WORLDLEAKS

VICTIM NAME: MPOWERHealth

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the WORLDLEAKS Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On August 19, 2025, MPOWERHealth—a Texas-based healthcare services company serving the United States’ value-based care market—appears as a victim on a ransomware leak page published by the group worldleaks. The page describes MPOWERHealth’s service mix, including outpatient surgery, post-acute care, analytics for population health management, and a collaborative physician network aimed at improving care quality while reducing costs. The post frames the incident as a ransomware event and identifies MPOWERHealth as compromised, consistent with leak pages that accompany threats to exfiltrate or publish stolen data. Since no compromised date is provided in the available data, the post date is treated as the publication date. The presence of a claim URL is noted, aligning with common double-extortion patterns; however, the metadata does not disclose any ransom amount or demand.

The page contains no images or other media; the counts for screenshots, photos, or attachments are zero. There are also no downloadable files referenced in the provided data. The content focuses on a high-level description of MPOWERHealth’s business rather than any attached leak materials. While the post suggests a ransomware scenario, the available data does not specify whether data was encrypted, exfiltrated, or publicly released, nor does it list a ransom figure. The entry centers on MPOWERHealth, with no additional company names emphasized in the text.