A major healthcare data breach has exposed sensitive personal and medical information of 3,117,874 patients. QualDerm Partners, a Tennessee-based healthcare management services provider, discovered unauthorized system access on Christmas Eve.
The breach occurred between December 23rd and 24th when an unauthorized actor accessed and removed information from the company's network. An investigation with third-party cybersecurity experts confirmed the intrusion.
Compromised data includes names, dates of birth, doctor names, medical record numbers, treatment information, diagnoses, health insurance details, and in some cases, government-issued IDs including driver's license numbers.
QualDerm says there's currently no evidence of information misuse, but patients are advised to monitor their accounts and Explanation of Benefits for suspicious activity. The company is offering complimentary credit monitoring and identity protection services.