HCIactive reports data breach exposing data of 3.1M people
Learn More
HCIactive, also known as Healthcare Interactive, reports a security breach where attackers broke into their network and stole data. The company detected the attack on July 22, 2025.
The investigation confirmed that hackers stole files between July 8 and July 12, 2025. The exposed data includes:
- Full names and home addresses
- Dates of birth and Social Security numbers
- Phone numbers and email addresses
- Health insurance claims and enrollment data
- Medical record numbers and doctor names
- Diagnoses, prescriptions, and lab results
- Medical images and treatment plans
This breach affected about 103,000 people in South Carolina but the total number of affected individuals is not disclosed. The nature of the attack is not disclosed.
HCIactive completed the investigation and began sending notification letters to victims on December 5, 2025.
HCIactive is offering one year of credit monitoring to the affected individuals. The company claims it has not seen evidence of data misuse yet, but officials urge victims to freeze their credit reports.
Victims should monitor their medical billing statements for any services they did not receive.
Update - as of 29th of January 2026, HCIactive reports that the incident affected 3.1 million individuals. The company has no evidence of data misuse but is offering credit monitoring services to affected individuals.
