DentaQuest Data Breach Exposes Personal and Health Data of 2.6 Million Individuals
DentaQuest, a U.S.-based dental benefits administrator under Sun Life U.S., disclosed a data breach affecting approximately 2.6 million people. The incident was reported to the U.S. Department of Health and Human Services on January 6, 2025, with the company publishing a security update shortly after.
The breach involved unauthorized access to a portion of DentaQuest’s network, attributed to the ransomware group ShinyHunters. Exposed data included names, dates of birth, email addresses, genders, government-issued IDs, phone numbers, addresses, and health insurance information.
DentaQuest launched an investigation to assess the full scope of the compromise, which remains ongoing as of June 1, 2026. Despite the breach, the company stated its systems remained operational, with minimal disruption to client services. DentaQuest has pledged to provide updates and transparency to affected individuals.
No further details on remediation or preventive measures have been released.
Source: https://www.claimdepot.com/data-breach/dentaquest-2026
DentaQuest cybersecurity rating report: https://www.rankiteo.com/company/dentaquest
"id": "DEN1780676951",
"linkid": "dentaquest",
"type": "Ransomware",
"date": "1/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '2.6 million',
'industry': 'Healthcare',
'location': 'U.S.',
'name': 'DentaQuest',
'type': 'Dental benefits administrator'}],
'customer_advisories': 'Pledged to provide updates and transparency to '
'affected individuals',
'data_breach': {'number_of_records_exposed': '2.6 million',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Dates of birth',
'Email addresses',
'Genders',
'Government-issued IDs',
'Phone numbers',
'Addresses',
'Health insurance information']},
'date_publicly_disclosed': '2025-01-06',
'description': 'DentaQuest, a U.S.-based dental benefits administrator under '
'Sun Life U.S., disclosed a data breach affecting '
'approximately 2.6 million people. The breach involved '
'unauthorized access to a portion of DentaQuest’s network, '
'attributed to the ransomware group ShinyHunters. Exposed data '
'included names, dates of birth, email addresses, genders, '
'government-issued IDs, phone numbers, addresses, and health '
'insurance information.',
'impact': {'data_compromised': 'Personal and health data of 2.6 million '
'individuals',
'downtime': 'Minimal disruption to client services',
'identity_theft_risk': 'High',
'operational_impact': 'Minimal disruption',
'systems_affected': 'A portion of DentaQuest’s network'},
'investigation_status': 'Ongoing as of 2026-06-01',
'ransomware': {'ransomware_strain': 'ShinyHunters'},
'references': [{'source': 'DentaQuest Security Update'}],
'regulatory_compliance': {'regulatory_notifications': 'Reported to the U.S. '
'Department of Health '
'and Human Services'},
'response': {'communication_strategy': 'Pledged to provide updates and '
'transparency to affected individuals'},
'threat_actor': 'ShinyHunters',
'title': 'DentaQuest Data Breach Exposes Personal and Health Data of 2.6 '
'Million Individuals',
'type': 'Data Breach'}