On June 24, 2025, the Everest ransomware group claimed responsibility for a significant data breach at Avantic Medical Lab, a full-service clinical laboratory based in Edison, New Jersey. According to the group’s dark web posting, they exfiltrated approximately 33 GB of sensitive data from the lab’s systems.
The stolen files reportedly include electronic medical records (EMRs), patient histories, test results, private medical records, billing information, and internal documents. Everest provided sample screenshots on their dark web portal to demonstrate the authenticity of their claims and stated their intention to publish the full cache of files within seven to eight days of their announcement.
In a ransomware attack, cybercriminals gain unauthorized access to a company’s network, exfiltrate data, and threaten to leak it unless a ransom is paid. In this case, Everest has not only encrypted data but also stolen it, amplifying the risks for affected individuals.
The scope and sensitivity of the data involved make this breach particularly severe, as it impacts both the privacy and security of patients and potentially staff.
As of July 26, 2025, Avantic Medical Lab has not publicly disclosed specific details about their response to the Everest ransomware attack. Typically, in incidents of this nature, companies work with cybersecurity experts to investigate the breach, assess the extent of the exposure, and secure their systems against further unauthorized access. They may also notify affected individuals and provide resources such as credit monitoring or identity theft protection services.
Given the severity and method of the breach, individuals who have used Avantic Medical Lab’s services should remain vigilant.
It is advisable to:
Those potentially affected should also stay alert for official communications from Avantic Medical Lab regarding the breach and any protective steps being offered.
For more information about their services and patient resources, visit the Avantic Medical Lab website.
A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.
This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure.