Healthcare Interactive, Inc. (HCIactive), a health and incentive management platform provider, experienced a data breach between July 8–12, 2025, when an unauthorized actor copied files from its network. The compromised data included personal information (names, addresses, Social Security numbers, contact details), health insurance enrollment/claims data (policy details, member IDs, billing codes), and sensitive medical records (diagnoses, prescriptions, lab results, treatment histories, and images). While HCIactive found no evidence of misuse, the exposure of such highly sensitive data particularly protected health information (PHI) poses severe risks, including identity theft, medical fraud, and targeted phishing. The company responded by securing systems, conducting a forensic review, notifying regulators, and offering affected individuals complimentary credit monitoring. Enhanced security measures were implemented to prevent future incidents. The breach underscores vulnerabilities in healthcare data systems, where unauthorized access to PHI can have long-term repercussions for both patients and providers.
Source: https://finance.yahoo.com/news/healthcare-interactive-inc-provides-notice-130000850.html
TPRM report: https://www.rankiteo.com/company/hci_2
"id": "hci3093030092325",
"linkid": "hci_2",
"type": "Breach",
"date": "7/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Certain individuals (exact '
'number unspecified)',
'industry': 'Healthcare IT',
'location': 'Ellicott City, Maryland, USA',
'name': 'Healthcare Interactive, Inc. (HCIactive)',
'type': 'Technology Provider'}],
'customer_advisories': ['Complimentary credit monitoring services offered',
'Dedicated helpline for inquiries (1-833-855-4330)',
'Written communication via postal mail'],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (includes SSNs, medical records, '
'and health insurance details)',
'type_of_data_compromised': ['Personal information',
'Health insurance enrollment '
'data',
'Medical data',
'Health insurance claims data']},
'date_detected': '2025-07-22',
'date_publicly_disclosed': '2025-09-23',
'description': "Healthcare Interactive, Inc. ('HCIactive') reported a data "
'security event where an unauthorized actor copied certain '
'files from its computer network between July 8, 2025, and '
'July 12, 2025. The incident may have exposed personal, health '
'insurance, medical, and claims data of certain individuals. '
'While there is no evidence of misuse, HCIactive is offering '
'complimentary credit monitoring and has notified regulators. '
'Additional security measures have been implemented to prevent '
'future incidents.',
'impact': {'brand_reputation_impact': 'Potential reputational harm due to '
'exposure of sensitive health and '
'personal data',
'data_compromised': ['Personal information (name, address, date of '
'birth, Social Security number, phone number, '
'email address)',
'Health insurance enrollment data (health '
'plans/policies, insurance companies, '
'member/group ID numbers)',
'Medical data (medical record numbers, '
'doctors, diagnoses, prescriptions, lab '
'results, images, care, treatment)',
'Health insurance claims data (claim numbers, '
'account numbers, explanation of benefits, '
'billing codes)'],
'identity_theft_risk': 'High (due to exposure of SSNs, personal, '
'and health data)',
'legal_liabilities': 'Notifications to state and federal '
'regulators; potential legal obligations '
'under data protection laws',
'systems_affected': ['Computer network']},
'initial_access_broker': {'high_value_targets': ['Health and incentive '
'management platform data']},
'investigation_status': 'Completed (comprehensive review of exposed files '
'conducted)',
'post_incident_analysis': {'corrective_actions': ['Implemented additional '
'security measures']},
'ransomware': {'data_exfiltration': True},
'recommendations': ['Monitor credit and financial accounts for suspicious '
'activity',
'Utilize complimentary credit monitoring services offered '
'by HCIactive',
'Review and enhance security policies and measures to '
'prevent future incidents'],
'references': [{'date_accessed': '2025-09-23',
'source': 'PRNewswire Press Release'},
{'source': 'HCIactive Website',
'url': 'https://www.hciactive.com/'}],
'regulatory_compliance': {'regulatory_notifications': ['State regulators',
'Federal regulators']},
'response': {'communication_strategy': ['Public notice (PRNewswire)',
'Dedicated helpline (1-833-855-4330)',
'Website updates '
'(https://www.hciactive.com/)',
'Written correspondence (6011 '
'University Blvd Suite 400, Ellicott '
'City, MD 21043)'],
'containment_measures': ['Secured all systems'],
'incident_response_plan_activated': True,
'remediation_measures': ['Reviewed existing security policies',
'Implemented additional security '
'measures']},
'stakeholder_advisories': ['Public notice via PRNewswire',
'Direct notifications to affected individuals '
'(where applicable)',
'Regulatory notifications'],
'threat_actor': 'Unauthorized actor',
'title': 'Data Security Event at Healthcare Interactive, Inc. (HCIactive)',
'type': 'Data Breach'}