NEWTOWN, Pa., Dec. 05, 2025 (GLOBE NEWSWIRE) -- The law firm of Edelson Lechtzin LLP is investigating data privacy claims regarding an incident at Healthcare Interactive, Inc. (“HCIactive”). HCIactive learned of a data breach on or about July 22, 2025.
If you would like to discuss this case with a lawyer, please click HERE.
About Healthcare Interactive, Inc.
HCIactive is an Insurtech company that uses an AI-driven platform to simplify benefits, enrollment, and wellness management for TPAs, brokers, and health systems.
What happened?
On or around July 22, 2025, HCIactive detected unusual network activity. They acted quickly to secure the system and began an investigation. The investigation found that between July 8 and July 12, 2025, an unauthorized third party accessed and acquired certain files.
The compromised files potentially included personal data such as names, birth dates, email and phone contacts, mailing addresses, Social Security numbers, blood test results, biometric information, health insurance registration, medical records, and insurance claims. Approximately 87,565 individuals may have been impacted by this breach.
How can I protect my personal data?
If you receive a data breach notification regarding HCIactive, you should take steps to protect yourself against identity theft and fraud. Such measures include regularly reviewing your account statements and monitoring your credit reports for any suspicious or unauthorized activity.
Edelson Lechtzin LLP i
HealthCare Interactive, Inc. cybersecurity rating report: https://www.rankiteo.com/company/healthcare-interactive-inc.
"id": "HEA1765001008",
"linkid": "healthcare-interactive-inc.",
"type": "Breach",
"date": "12/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'incident': {'affected_entities': [{'customers_affected': '87565',
'industry': 'Healthcare/Insurance '
'Technology',
'location': 'NEWTOWN, Pa.',
'name': 'Healthcare Interactive, Inc. '
'(HCIactive)',
'size': None,
'type': 'Insurtech Company'}],
'customer_advisories': 'Data breach notification sent to '
'affected individuals with steps to '
'protect personal data.',
'data_breach': {'data_encryption': None,
'data_exfiltration': 'Yes',
'file_types_exposed': None,
'number_of_records_exposed': '87565',
'personally_identifiable_information': 'Names, '
'birth '
'dates, '
'email '
'and '
'phone '
'contacts, '
'mailing '
'addresses, '
'Social '
'Security '
'numbers',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally '
'Identifiable '
'Information',
'Health Data',
'Biometric '
'Information',
'Insurance Claims']},
'date_detected': '2025-07-22',
'date_publicly_disclosed': '2025-12-05',
'description': 'HCIactive learned of a data breach on or about '
'July 22, 2025, after detecting unusual network '
'activity. An unauthorized third party accessed '
'and acquired certain files containing personal '
'data between July 8 and July 12, 2025.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Personal data including names, '
'birth dates, email and phone '
'contacts, mailing addresses, '
'Social Security numbers, blood '
'test results, biometric '
'information, health insurance '
'registration, medical records, '
'and insurance claims',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'recommendations': 'Individuals should regularly review account '
'statements and monitor credit reports for '
'suspicious activity to protect against '
'identity theft and fraud.',
'references': [{'date_accessed': '2025-12-05',
'source': 'GLOBE NEWSWIRE',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': 'Investigation by '
'Edelson Lechtzin LLP',
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Data breach notification',
'containment_measures': 'Secured the system',
'enhanced_monitoring': None,
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'threat_actor': 'Unauthorized third party',
'title': 'Healthcare Interactive, Inc. Data Breach Investigation',
'type': 'Data Breach'}}