CRBRC A.I CyberSecurity Scoring
CRBRC
Company Information
Website:http://www.catalystrcm.com
Employees number:23
Number of followers:386
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:catalystrcm.com
CRBRC Risk Score (AI oriented)
Between 0 and 549
CRBRCIT Services and IT Consulting
Updated:
18/03/2026
18/03/2026
492/1000
Critical
C
CRBRC Global Score (TPRM)
xxxx
CRBRCIT Services and IT Consulting
Score locked

CRBRCCritical
Current Score
492C (CRITICAL)
01000
2 incidents
-142 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
518
JUNE 2026
514
MAY 2026
502
APRIL 2026
501
MARCH 2026
490
FEBRUARY 2026
483
JANUARY 2026
481
DECEMBER 2025
640
Ransomware
09 Dec 2025 • CRBRC
Catalyst RCM: Medical billing company RCA warns of data breach claimed by 2 ransomware groups
Cybercriminal Gangs Medusa and Qilin Claim Breach of Medical Billing Firm RCA
468
CRITICAL-172
CAT1771961762
Cybercriminal Gangs Medusa and Qilin Claim Breach of Medical Billing Firm RCA
Two ransomware groups, Medusa and Qilin, have claimed responsibility for breaching Resource Corporation of America (RCA), a Houston-based medical billing company, in December 2025. The attack exposed sensitive personal data, including names, Social Security numbers, health insurance details, medical diagnoses, treatment records, dates of birth, and addresses.
RCA confirmed the incident in a notice on its website, stating that unauthorized actors accessed its systems between December 9 and December 17, 2025, and exfiltrated files. The company has not acknowledged either group’s claims, and details of the breach including the attack vector, ransom demands, or whether a payment was made remain unverified.
Medusa, which first emerged in 2019 and launched its data leak site in 2023, initially demanded $800,000 in ransom. After negotiations allegedly failed, the group reposted RCA’s data on its leak site, stating the company had attempted to reduce the payment but was refused. Qilin, active since late 2022, also claimed responsibility but did not disclose its ransom demand.
Both groups operate ransomware-as-a-service (RaaS) models, deploying malware that encrypts systems and steals data to pressure victims into paying. In 2025, Qilin claimed 182 attacks, while Medusa took credit for 36, with healthcare organizations as frequent targets. Previous breaches linked to the groups include Insightin Health (Medusa) and SimonMed Imaging (Qilin), which exposed data on 1.3 million individuals.
The RCA breach is part of a broader surge in ransomware attacks on U.S. healthcare businesses. In 2025, 30 confirmed attacks on non-direct-care providers such as billing firms, pharmaceutical companies, and medical device makers compromised the data of over 6 million people. Another recent incident involved Catalyst RCM, which notified 139,000 individuals after an attack by the Everest ransomware group.
Healthcare billing firms are prime targets due to their handling of vast amounts of sensitive data and connections to multiple third-party clients. Such breaches can disrupt critical operations, endanger patient privacy, and expose organizations to prolonged downtime or regulatory consequences.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
750
Ransomware
13 Nov 2025 • CRBRC
KorPath, Vikor Scientific and Catalyst RCM: Catalyst RCM Data Breach Lawsuit Investigation
Catalyst RCM Data Breach Exposes Sensitive Patient Information in Ransomware Attack
638
CRITICAL-112
KORVANCAT1770667690
Catalyst RCM Data Breach Exposes Sensitive Patient Information in Ransomware Attack
Catalyst RCM, a U.S.-based revenue cycle management provider for healthcare organizations, confirmed a data breach after detecting suspicious activity in its file management system on November 13, 2025. An investigation revealed that unauthorized access occurred between November 8–9, 2025, when an attacker used valid credentials to copy data from a server.
The Everest ransomware group claimed responsibility for the attack, announcing on a dark web forum that it had exfiltrated 9.39 GB of data from Vikor Scientific (now Vanta Diagnostics), including medical billing documents tied to KorPath and Korgene diagnostic laboratories. The stolen records contained sensitive patient information, such as:
- Names and contact details
- Dates of birth
- Health insurance data
- Provider names and internal patient IDs
- Dates of service, medications, and treatment details
While the total number of affected individuals remains undisclosed, 88 Rhode Island residents were confirmed impacted. Catalyst RCM posted a breach notice on its website, with Vikor Scientific linking to the disclosure. The incident was reported to the attorneys general offices of California and Vermont.
The company completed its review on December 12, 2025, and is offering affected individuals complimentary identity protection services, including credit monitoring, cyber scan monitoring, and a $1 million insurance reimbursement policy. Legal firms, including Shamis & Gentile P.A., are investigating potential compensation claims for victims.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
OCTOBER 2025
750
SEPTEMBER 2025
750
AUGUST 2025
750
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for CRBRC ??
What was CRBRC's A.I Rankiteo Cyber Score in June 2026 ??
What was CRBRC's A.I Rankiteo Cyber Score in May 2026 ??
What was CRBRC's A.I Rankiteo Cyber Score in April 2026 ??
What was CRBRC's A.I Rankiteo Cyber Score in March 2026 ??
What was CRBRC's A.I Rankiteo Cyber Score in February 2026 ??
What was CRBRC's A.I Rankiteo Cyber Score in January 2026 ??
What was CRBRC's A.I Rankiteo Cyber Score in December 2025 ??
What was CRBRC's A.I Rankiteo Cyber Score in November 2025 ??
What was CRBRC's A.I Rankiteo Cyber Score in October 2025 ??
What was CRBRC's A.I Rankiteo Cyber Score in September 2025 ??
What was CRBRC's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on CRBRC's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with CRBRC ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view CRBRC's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?