Absolute Dental Group, LLC has experienced a major data breach. On Feb. 25, 2025, the medical organization discovered an issue with its internal systems. An investigation revealed that an unauthorized actor accessed Absolute Dental systems between Feb. 19, 2025 and March 5, 2025.
The cybersecurity incident impacted a total of 1,223,635 current and former patients from the 50 or more Absolute Dental locations. The breach occurred through an account associated with Absolute Dental's third-party managed services provider. Absolute Dental Group reported the data breach to the U.S. Department of Health and Human Services on May 2, 2025.
A review was completed on July 28, 2025 and it was determined that the data breach compromised both personally identifiable information (PII) and protected health information (PHI). Exposed information includes names, contact information, dates of birth, Social Security numbers, driver’s license or state-issued ID information, health information which may include health history, treatment and diagnosis information, explanation of benefits, health insurance information, MRN number or patient identification number. In some cases, financial account details and/or payment card information was exposed as well.
Absolute Dental began notifying impacted individuals by mail in August 2025 and published a Notice of Data Incident on its website. The data breach was also disclosed to the Massachusetts, California, Oregon and Texas Attorney Generals' offices beginning on Aug. 26, 2025.
Affected current and former patients includes 1,892 in Texas and 137 in Massachusetts.
In addition to required state and federal disclosures, Absolute Dental is offering two years of free Kroll identity monitoring services.
If you receive a data breach notice, or believe your personal and protected health information may have been compromised:
For more information, visit the Absolute Dental Group website.
A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.
This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.