New York manufacturer Fieldtex has notified 247,363 people of an August 2025 data breach, according to figures posted today by the US Department of Health and Human Services.
Fieldtex, which makes cases for portable devices used in medical and military settings and sells custom first aid kits, also runs an over-the-counter benefits program for Medicare Advantage members. The cyber attack on that program compromised members’ personal info.
The data breach leaked names, addresses, dates of birth, insurance member ID numbers, plan names, effective terms, and genders.
Ransomware gang Akira took credit for the breach on November 5, 2025. The group says it stole 14 GB of data from E-First Aid Supplies, a Fieldtex-owned brand.
Fieldtex has not verified Akira’s claim but did disclose a data security incident impacted the protected health info of patients enrolled in its OTC benefits program. We do not yet know if Fieldtex paid a ransom, how much Akira demanded, or how attackers breached Fieldtex’s network.
“On or around August 19, 2025, Fieldtex discovered certain unauthorized activity within its computer systems,” Fieldtex says in its notice to victims.
“Following a thorough investigation, Fieldtex confirmed that a limited amount of protected health information may have been impacted in connection with this incident.”
Fieldtex says it is offering free credit monitoring to eligible victims.
Who is Akira?
Akira is a ransomware gang that first emerged in March 2023. Its targets span education, finance, manufacturing, real estate, and healthcare. Akira’s malware both locks down computer systems and steals data. The group then demands a ransom to restore those systems and destroy stolen data.
Akira is the second-most prolific ransomware group in 2025, racking up 70 confirmed ransomware attacks so far this year. In that time, it made another 663 unconfirmed attack claims that haven’t been publicly acknowledged by the targeted organizations.
Akira’s numbers are surpassed only by Qilin. Qilin claimed more than 700 attacks in 2025, 118 of which were confirmed.
Akira’s attack on Fieldtex is its second-largest breach by number of records compromised. In January 2025, the group hacked Wakefield & Associates, which notified 371,577 people of the ensuing data breach.
Akira’s other recent victims include Cerenade Technology and Jewish Family and Community Services – East Bay.
Ransomware attacks on US healthcare businesses
Comparitech researchers have logged 19 confirmed ransomware attacks on US healthcare businesses that don’t provide direct care, such as medical device manufacturers and software vendors. Those attacks compromised nearly 5.8 million personal records.
Akira’s attack on Fieldtex is the second-largest such attack after a January 2025 data breach at Episource, which notified 5.4 million people.
Ransomware attacks on manufacturers can lock down computer systems and steal data. Successful infections can disrupt billing, communications, orders, shipments, and in some cases manufacturing equipment and processes. The attackers demand a ransom to restore infected systems and delete stolen data. Businesses that refuse to pay up face extended downtime, permanent data loss, unauthorized data disclosure, and putting data subjects at increased risk of fraud.
Companies operating in the healthcare sector that don’t provide direct care have become a key target for hackers because they often handle a large amount of personal data and deal with several third-party vendors.
About Fieldtex
Based in Rochester, New York, Fieldtex is a business with three divisions: it makes custom cases for portable devices used in the medical and military fields, it sells first aid kits and supplies, and it operates an over-the-counter health benefit program for Medicare Advantage members.
Although Akira said it hacked Fieldtex’s first aid kit brand, E-First Aid Supplies, Fieldtex says the compromised data came from its OTC benefits program. Fieldtex’s website says the company has delivered more than 1 million OTC benefits packages.
