TTA’s Here Comes Summer: two data breaches and a warning, six raises, Validic bought, Silicon Valley’s ‘Cargo Culture’, OpenEvidence scored in study, ‘off the books’ AI in healthcare, more!

June 26, 2026 | by | No Comments

 

Friday 26 June 2026

Summer started and the doldrums lifted. We have not one but two data breaches with a big warning from Five Eyes that AI-powered breaches are coming. Six raises from seed to Series C–including in Brazil–and Validic after many years is bought. But scrutiny is piling on AI and AI clinical tools, from the economics to Silicon Valley ‘Cargo Culture’ to OpenEvidence’s performance to ‘off the books’ AI in healthcare. We also touch on the current status of the Luigi Mangione NY State trial, 18 months after the murder of UHC’s Brian Thompson.

Please feel free to comment on the articles and pass along this Alert. Let me know if this is worth it to you! Also check out my personal page on Substack.

Chutes & Ladders: Xsolis data breach affects 1.4M records, Five Eyes warns of AI-supercharged hacking; FDA closes Whoop BP warning, Centene adds HR/finance exec to board; $120M raises for Assort Health, $46M for xCures

Vinegary Must Reads This Week: Silicon Valley’s ‘Cargo Culture’; the clinical query tool explosion between OpenEvidence and general AI

Short takes: Bain report on anemic AI ROI, SVB report on women’s health, Ladder Health pedes virtual health raises $7M, an update on the Luigi Mangione trial

Amazon’s One Medical Seniors hacked by ShinyHunters, issues “final warning” on 8.8 TB of patient data

News roundup: Validic bought by ChartSpan; raises for Cadence, Prosper AI, Telepatia; Epic MyChart portal messages doubled in 5 years–study    

Perspectives: The most aggressive AI adoption in healthcare is happening off the books

Last Week’s Headlines

Chutes, and chutes: Microsoft’s $3B Oracle cloud leasing deal goes sideways, Defense Health Agency to replace Leidos as system integrator for MHS’ EHR, Centene offering voluntary buyouts to most employees

Tuesday 23 June–UKTelehealthcare webinar/virtual event: Keeping People at Home, Supported by Technology (this is now available on video–check the UKTelehealthcare website and LinkedIn)

Perspectives: Virtual Care, AI, and the Future of Autism Therapy

 * * *
Advertise on Telehealth and Telecare Aware
Support not only a publication but also a well-informed international community.

Contact Editor Donna for more information.

Help Spread the News

Please tell your colleagues about this free news service and, if you have relevant information to share with the rest of the world, please let me know!

Donna Cusano, Editor In Chief
donna.cusano@telecareaware.com

Amazon’s One Medical Seniors hacked by ShinyHunters, issues “final warning” on 8.8 TB of patient data

June 24, 2026 | by | No Comments

Pepper faints again, reading Amazon’s response–it’s ‘archived’ data that “only impacts certain legacy Iora Health and One Medical Seniors patients”.  The ShinyHunters data extortion group published their ‘final warning’ on its ‘dark web’ site with a negotiation start date of last Monday (22 June) before they would publish 8.8 terabytes of stolen information. Making the ShinyHunters threat less credible is that they haven’t released any sample data, so there is no idea if the contents are high value–typically containing personally identifiable information such as Social Security number, credit cards, and sensitive health information. Amazon One Medical is admitting the loss of only a “subset of files containing demographic and clinical records”.

Amazon One Medical published a notification on its One Medical Seniors (the former Iora Medical) website summing up the following:

  • They learned on 13 June that a third-party file storage system used to store archived patient information had been accessed by an unauthorized person
  • Data had been exfiltrated between 8-11 June
  • It’s apparently “legacy” information only and affecting only certain old Iora/Amazon One Medical Seniors records
  • The clinics affected are legacy Iora clinics located in Atlanta, Cape Cod, Charlotte, Piedmont Triad, Denver, Houston, Phoenix, Tucson, and Seattle.
  • They took immediate action including the revocation of all user access and rotating credentials for all employees with access to the system. 
  • Neither Amazon One Medical (non-Seniors) patients, Seniors patients outside these markets, nor their EHR and medical services have been affected.

Patients are given a number to call and an email to write if they have questions. It is not known if patients were notified in other ways, for example through the patient portal, email, or standard US Mail. There is no public indication that Amazon One Medical has contacted ShinyHunters or is negotiating with them, whoever they are.

ShinyHunters is notorious for taking credit for other attacks on healthcare organizations, always going big, then going home after gaining their ransom. Their last target was Medtronic, hacking 9 million patient records plus terabytes of corporate information in April [TTA 30 April]. After the leak information was pulled from their website, the conclusion was that Medtronic paid up. ShinyHunters also attacked dental benefits administrator DentaQuest earlier this year. Other big game: Zara, Carnival, 7-Eleven, Pitney Bowes, The Canada Life Assurance Company, and Hallmark. 

Amazon One Medical is staying mum, but this will be updated as additional information is disclosed. Cybernews, Healthcare IT News, HIPAA Journal