Healthcare Interactive Data Breach Affects 87K People Exposing Social Security Numbers

Healthcare Interactive Inc. (“HCIactive”), a company that provides insurance enrollment and benefits administration, experienced a major data breach. Around July 22, 2025, the company discovered suspicious activity within its computer network. An investigation revealed that a cybercriminal accessed and copied certain files containing personally identifiable information (PII) and protected health information (PHI) of current and former patients between July 8 and July 12, 2025.

Exposed information included names, addresses, dates of birth, Social Security numbers, phone numbers, email addresses, health insurance enrollment data including health plans, policies, insurance companies, member and group ID numbers, detailed medical records, and health insurance claims data including claim numbers, account numbers, explanation of benefits, and billing codes.

So far, the cybersecurity incident has impacted at least 87,565 individuals, including 32,493 residents in Texas, 5,461 in Massachusetts, 3,782 in Maine and 764 in New Hampshire. However, this is an ongoing investigation, and the total number of affected individuals is subject to change. The extensive data compromised puts consumers at risk for identity theft and medical fraud.

Healthcare Interactive published a Notice of Data Privacy Event on its website in Sept. 2025, and notified the U.S. Department of Health & Human Services. The company also reported the data breach to the Attorney Generals' offices in Massachusetts, New Hampshire, California, Maine, Texas and Vermont beginning on Dec. 2, 2025. The company is notifying affected individuals by mail.

HCIactive's response

Upon discovering the breach, HCIactive immediately secured its systems and launched an investigation. In addition to required state and federal disclosures, the company is notifying impacted individuals by mail and offering free credit monitoring services.

If you receive a data breach notice from Healthcare Interactive, you may want to:

• Sign up for the free credit monitoring services, offered by the company.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

Healthcare Interactive has also set up a dedicated response line for impacted individuals at 1-833-855-4330, Monday through Friday, 9 a.m. to 9 p.m. Eastern Time