Boston Orthotics & Prosthetics Data Breach

Alleged

Ransomware claim involving Boston Orthotics & Prosthetics.

Published: Jun 29, 2026 Anubis
Threat Level
High
Confidence: High

Quick Summary

Alleged
Company
Boston Orthotics & Prosthetics
Industry
Healthcare
Threat Actor
Anubis
Date of Incident
Jun 29, 2026

Executive Summary

Boston Orthotics & Prosthetics, a US-based organization in the healthcare sector, has been listed on the Anubis ransomware group’s dark web portal, with the entry published on June 29, 2026. This listing was identified by SOCRadar’s Dark Web Monitoring service. The healthcare industry is frequently targeted by extortion operators due to the sensitive nature of patient data and the critical operational impact of system disruptions. Anubis has recently targeted other organizations in the US healthcare and business services sectors. The Anubis ransomware group has claimed responsibility for targeting Boston Orthotics & Prosthetics. Over the 60 days preceding this listing, Anubis had claimed seven other victims, with a focus on healthcare and business services, and occasionally financial services. The majority of their victims are located in the United States, the United Kingdom, and France. Recent Anubis victims with profiles similar to Boston Orthotics & Prosthetics include Singing River Health System, KTR Real Estate Advisors, ESMS Global Limited, and Jeffrey Burr.

Technical Analysis

SOCRadar’s stealer-log telemetry indicated exposure tied to bostonoandp.com, specifically its public education/student portal (education.bostonoandp.com), rather than corporate identity systems. The analysis revealed ten records with masked usernames, numeric IDs, and a Gmail address linked to the student registration endpoint. This suggests a risk of customer account takeover rather than employee credential compromise, as no corporate email domains or administrative URLs were found in the sampled data, which spans from July 2025 to June 2026. The detected exposure pertains to the student portal, not a corporate intrusion signal. The investigation indicates that infostealer-harvested credentials are a common initial access vector for ransomware groups like Anubis, who purchase logs from underground marketplaces to gain access to systems. While the current findings do not confirm this specific vector for Boston Orthotics & Prosthetics, it is recommended that the organization maintain continuous monitoring and implement proactive credential hygiene measures for both customer and internal accounts.