Healthcare Interactive: More Than 3 Million Individuals Affected by July 2025 Security Incident
Healthcare Interactive, better known as HCIactive, reported a data breach to the HHS’ Office for Civil Rights on September 22, 2025, using a placeholder figure of 501 affected individuals. At the time, the extent of the data breach had not been determined as the review of affected data was ongoing. While the Maine Attorney General was informed in September that 87,565 individuals had been affected, it has now been confirmed that the data breach was far more extensive.
The Oregon Attorney General was informed on January 7, 2026, that the personal and protected health information of 3,056,950 individuals was compromised in the incident, which makes it one of the largest healthcare data breaches of 2025. As of January 30, 2026, it is the 5th largest healthcare data breach of 2025.
Healthcare Interactive is an Ellicott City, MD-based provider of AI-powered software solutions for insurance enrollment and benefits administration. On or around July 22, 2025, suspicious activity was identified within its computer network. According to its substitute data breach notice, the forensic investigation confirmed that an unauthorized third party had access to its network from July 8, 2025, to July 12, 2025, and exfiltrated files. The breach notice provided to the Oregon Attorney General suggests a longer period of unauthorized access, spanning from June 17, 2025, to July 22, 2025.
Healthcare Interactive has not uncovered any evidence to suggest that the stolen data has been misused, although as a precaution, the affected individuals have been offered complimentary credit monitoring and identity theft protection services.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The types of data compromised in the incident vary from individual to individual and may include names, addresses, phone numbers, email addresses, birth dates, health plan/policy numbers, health insurance provider names, member/group IDs, health insurance claim numbers, account numbers, explanation of benefits, billing codes, and medical data. Medical information potentially compromised in the incident includes diagnoses, treatment information, prescriptions, lab results, medical images, care information, doctors’ names, medical record numbers, and billing codes. The threat actor behind the attack is currently unknown.
Healthcare Interactive said it has reviewed its security policies and has taken additional steps to improve security to prevent similar incidents in the future. Healthcare Interactive announced in a press release on December 19, 2026, that it has strengthened its leadership team and operational structure to further its “AI First and AI Everywhere” mission. That includes expanded leadership oversight around AI security and data integrity, covering zero trust enforcement, AI-driven anomaly detection, modernization of encryption, and compliance-led security reviews, as well as strengthening leadership around ERISA, HIPAA, SOC 2, ISO 27001 oversight and compliance.
September 29, 2025: Data Exfiltrated in Hacking Incident at Healthcare Interactive Inc.
Healthcare Interactive Inc., a provider of AI-powered software solutions for insurance enrollment and benefits administration, has recently announced a July 2025 hacking incident that involved the exfiltration of files from its network. Suspicious activity was identified within its computer network on or around July 22, 2025. An investigation was launched to identify the cause of the activity, which confirmed unauthorized access to its network and data exfiltration from its network between July 8, 2025, and July 12, 2025.
The review of the exposed files confirmed that they contained protected health information such as names, addresses, email addresses, phone numbers, dates of birth, Social Security numbers, health insurance enrollment information, medical record numbers, diagnoses, lab results, prescriptions, and other care and treatment information, medical images, doctors’ names, and health insurance claims information.
While sensitive data was stolen, Healthcare Interactive said it is unaware of any misuse of that information; however, as a precaution, the affected individuals have been offered complimentary credit monitoring and identity theft protection services. Security policies and procedures are being reviewed, and additional safeguards are being implemented to better secure its systems and data. The data breach is listed on the HHS’ Office for Civil Rights breach portal using a placeholder figure of at least 501 affected individuals. The total will be updated when the investigation and file review are concluded. The Maine Attorney General has been informed that the data breach affected 87,565 individuals, including 3,782 Maine residents.
