In November 2020, PlexusMD, an Indian app for doctors and medical students, suffered a data breach exposing 232,346 indexed healthcare professional account and profile records (leaksear.ch metadata). The leaksear.ch index includes contact details, profile information, IP addresses, dates of birth, usernames, password hashes, and salts (leaksear.ch metadata).
What happened
PlexusMD is described in public app listings as a medical app developed by Plexus Professionals Network Private Limited and aimed at doctors and medical students (www.appbrain.com). A company profile lists PlexusMD in Ahmedabad, Gujarat, India, with the legal name Plexus Professionals Network Private Limited (www.thecompanycheck.com).
SynScan's public breach page also lists a PlexusMD 2020 breach in India's healthcare category and reports exposure including usernames, email addresses, IP addresses, dates of birth, names, phone numbers, and password data stored in an unknown hash type (synscan.net). The leaksear.ch metadata for the indexed dataset records a November 1, 2020 breach date and 232,346 indexed records (leaksear.ch metadata).
Public sources reviewed for this article do not identify a root cause, such as ransomware, scraping, misconfigured storage, or third-party compromise. The exposure mechanism and whether any password hashes were cracked should therefore be treated as unconfirmed.
What data was exposed
The leaksear.ch indexing metadata lists the following searchable fields: address, date of birth, email address, hashed password, IP address, name, phone number, and username (leaksear.ch metadata).
Additional stored record context includes account creation and modification timestamps, profile status, city and country identifiers, gender, degree and title metadata, profile verification fields, mobile verification fields, last-login data, profile photo references, salts, and other account and profile identifiers. These are stored record fields, not direct search pivots on leaksear.ch (leaksear.ch metadata).
Why this matters
This is more than a contact-list leak because the records combine identity data, contact details, professional profile metadata, IP addresses, and password hashes in the same account records (leaksear.ch metadata). That combination can support targeted phishing, credential-reuse checks against other services, and impersonation attempts aimed at medical professionals or students.
The FTC warns that phishing messages often ask for passwords or sensitive information and that shared passwords can give scammers access to other accounts (www.ftc.gov). Its data breach response guidance also notes that exposed personal information can create identity-theft risk and that organizations should clearly identify what information was taken and how affected people should respond (www.ftc.gov).
Check your exposure
Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include address, date of birth, email, hashed password, ip address, name, phone, and username.