3.1 Million Impacted by QualDerm Data Breach

Healthcare management services provider QualDerm Partners is notifying more than 3.1 million people that their personal, medical, and health insurance information was stolen in a December 2025 data breach. The incident, the company says, was discovered on December 24 and involved unauthorized access to its network for two days. During this window, the attackers exfiltrated certain information from the “limited number of systems” that they compromised, the company notes in an incident notification (PDF). The stolen information, it says, includes names, addresses, dates of birth, email addresses, medical record numbers, doctor names, treatment and diagnosis information, health insurance information, dates of death, and, in some cases, government-issued ID information. QualDerm also notes that its investigation into the data breach continues, and that it has decided to notify the patients who have been identified to date. In response to the attack, the company immediately activated its response plans, took steps to contain the unauthorized activity, assessed the security of its systems, and notified law enforcement and regulatory agencies. QualDerm told the US Department of Health and Human Services that 3,117,874 people were impacted by the attack. The incident was reported last month, but was added to the HHS’s breach portal this week. The company is providing the impacted individuals with 12 months of free identity theft and credit monitoring services. Headquartered in Brentwood, Tennessee, QualDerm Partners provides healthcare management services to 158 practices in 17 states, covering cosmetics, dermatology, pathology, plastic surgery, and skin cancer care. Related: Mazda Says Employee, Partner Information Stolen in Cyberattack Related: Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware Related: Navia Data Breach Impacts 2.7 Million Related: Robotic Surgery Giant Intuitive Discloses Cyberattack WRITTEN BY Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware  Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack QNAP Patches Four Vulnerabilities Exploited at Pwn2Own  Tycoon 2FA Fully Operational Despite Law Enforcement Takedown Eclypsium Raises $25 Million for Device Supply Chain Security Navia Data Breach Impacts 2.7 Million Thousands of Magento Sites Hit in Ongoing Defacement Campaign Allure Security Raises $17 Million for Online Brand Protection Latest News RSAC 2026 Conference Announcements Summary (Day 1) Extortion Group Claims It Hacked AstraZeneca Chrome 146 Update Patches High-Severity Vulnerabilities Webinar Today: Putting CIS Controls and Benchmarks into Practice Iran Built a Vast Camera Network to Control Dissent. Israel Turned It Into a Targeting Tool Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn Mazda Says Employee, Partner Information Stolen in Cyberattack Stryker Says Malicious File Found During Probe Into Iran-Linked Attack Trending Webinar: Securing Fragile OT In An Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Webinar: Why Automated Pentesting Alone Is Not Enough April 7, 2026 Join our live diagnostic session to expose hidden coverage gaps and shift from flawed tool-level evaluations to a comprehensive, program-level validation discipline. Register People on the Move 7AI has appointed Israel Barak as its first Chief Information Security Officer. Brian Harrell has been appointed Chief Security Officer at FirstEnergy. eSentire has named James C. Foster as Chief Executive Officer. More People On The Move Expert Insights The Human IOC: Why Security Professionals Struggle With Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) How To 10x Your Vulnerability Management Program In The Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose A Critical Flaw In Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat As Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) How To Eliminate The Technical Debt Of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Flipboard Reddit Whatsapp Email