One Medical (Amazon) Data Breach Investigation

One Medical (Amazon) Data Breach Investigation: Legacy Iora Records Accessed

Published June 20, 2026
One Medical, owned by Amazon, confirmed a breach of a third-party archive of legacy Iora / One Medical Seniors records.
Investigation Stage · Hacker Claim Unverified · No Suit Filed

This page describes an ongoing data-breach investigation and a threat actor's public claims. One Medical confirmed a limited incident isolated to a legacy-records archive; the much larger 8.8TB figure below is the attacker's unverified claim, made with no sample data released. No class action has been filed and there is nothing to claim. This page is informational and is not legal advice.

Status: Breach Confirmed (Limited) · Early Stage. Disclosed June 13, 2026 · no class action on file as of this writing
Confirmed Scope: Limited patients · one third-party legacy archive. Archived legacy Iora Health / One Medical Seniors records · isolated from the EMR and other systems
Hacker Claim (unverified): ~8.8 TB · no sample released. ShinyHunters' figure · in tension with the company's "limited/isolated" account
Can I Claim? No, nothing to claim yet. No settlement, no fund, no claim form

What Is This About?

One Medical — the membership-based primary-care provider owned by Amazon — confirmed a data security incident affecting a third-party storage system that held archived records from its senior-care business (One Medical Seniors, formerly Iora Health). Separately, the extortion group ShinyHunters claimed it stole a far larger trove of data. This page lays out what the company has confirmed, what the attacker merely claims, and why those two pictures are very different.

As of this writing, the matter is at an early stage. No class action has been filed, and there is no settlement and nothing to claim.

What One Medical Confirmed

On June 13, 2026, One Medical said it had learned that an unauthorized person gained access to a third-party file-storage system used to retain archived legacy Iora Health / One Medical Seniors records. Its investigation determined the actor accessed certain patient files on that platform between roughly June 8 and June 11, 2026, affecting what the company described as a "limited number" of One Medical Seniors and legacy Iora Health patients.

One Medical said it immediately deactivated the system and revoked all access, launched an investigation, and is notifying affected patients directly. It characterized the event as isolated to that third-party archive, stating it did not affect the One Medical electronic medical record (EMR) system or other One Medical or Amazon systems. The data involved was described as demographic and clinical information; the company did not publicly state that Social Security numbers or financial data were involved, and it did not disclose a number of affected patients. The breach implicates patients at certain One Medical Seniors clinics in cities including Atlanta, Charlotte, Denver, Houston, Phoenix, Tucson, and Seattle.

Confirmed Scope vs. the Attacker's Claim

There is a wide gap between the company's account and the attacker's:

Company-confirmed: a limited number of patients, isolated to a single third-party archive of legacy Iora / One Medical Seniors records, with the EMR and other systems unaffected.
Threat-actor claim (unverified): ShinyHunters claimed to have stolen about 8.8 terabytes of data from Amazon's One Medical and threatened to publish it unless the company negotiated by a stated deadline. The group released no sample data, so the claim cannot be verified, and the claimed scale is far larger than the limited, archive-only incident One Medical described.

ShinyHunters has a documented pattern of pay-or-leak extortion and of overstating or aggregating its claims. The responsible way to read this is: the company has confirmed a contained incident; the multi-terabyte figure is an unverified claim, presented here with that caveat.

Has a Lawsuit Been Filed?

Not as of this writing. Given that the disclosure was only June 13, 2026, the matter is at the earliest possible stage; any litigation would be brand new. No case caption, number, or court was on the public record when this page was published, and no entry for this incident had been confirmed on the U.S. Department of Health and Human Services breach portal (a 60-day reporting window may still be running). We will update this page if a complaint is filed.

Is There a Settlement?

No. This is an investigation, not a settlement.

There is no settlement fund, no claim form, no payout, and no deadline. No class has been certified because no class action has been filed. If a lawsuit is filed and later settles, or One Medical offers identity protection to affected patients, those steps would be announced separately. Be cautious of any website that claims you can "file a claim" for this matter today.

What Should Patients Do Now?

If you are (or were) a One Medical Seniors or legacy Iora Health patient, watch for a direct notification from One Medical and be cautious about unsolicited calls, emails, or texts referencing your care — phishing commonly follows a breach. Monitor your accounts and any medical or insurance statements, and consider a fraud alert or credit freeze. There is nothing to file right now; keep any notice you receive. For related health-data incidents, see our coverage of the Change Healthcare data breach and the NYC Health + Hospitals data breach.


Frequently Asked Questions

Is there a One Medical data breach settlement or class action?

No. The incident was disclosed June 13, 2026 and is at an early stage. No class action has been filed and there is no settlement, fund, or claim form. Nothing to claim.

Did a hacker really steal 8.8 terabytes from One Medical?

That is ShinyHunters' unverified claim, made with no sample data released. It is in direct tension with One Medical's statement that the incident was isolated to a single legacy-records archive affecting a limited number of patients.

How many people were affected?

One Medical did not disclose a number, describing the group as a limited number of One Medical Seniors and legacy Iora Health patients, whom it is notifying directly.

Sources

FierceHealthcare — "One Medical Seniors reports data breach at third-party file storage system"
GovInfoSecurity — "ShinyHunters Threatens to Leak Amazon One Medical Records"
One Medical — official statement


Status: Breach confirmed (limited), early stage; no suit filed
Company: One Medical / One Medical Seniors (Amazon; formerly Iora Health)
Disclosed: June 13, 2026
Access Window: On or about June 8–11, 2026
Confirmed Scope: Limited patients · one third-party legacy archive (EMR unaffected)
Hacker Claim: ~8.8 TB (unverified, no sample released)
