Sermo Healthcare Platform Reports Data Breach
Learn More
Sermo, a healthcare platform operated by WorldOne Inc., reports a data breach to multiple state attorneys general starting February 9, 2026. The breach was detected when a power outage occurred at a Danish data center. Attackers maintained unauthorized access for several weeks, from March 19 to April 10, 2024.
After the incident, Sermo’s parent company was listed on the attacker’s leak site, and data was posted online. The company spent months downloading and reviewing the leaked data to determine what information was exposed. By September 20, 2024, Sermo had fully downloaded the dataset and confirmed that sensitive personal information was involved. The compromised data includes:
- Full names
- Social Security numbers
The number of affected individuals is 2,674. Affected individuals are offered 12 months of free identity monitoring, credit monitoring, and restoration services.
It's not clear why the company waited for over a year to report the incident.
