Insightin Health Data Breach Exposes 378GB of PII and PHI

Published: January 29, 2026
Updated: January 29, 2026
Insightin Health, a healthcare technology company specializing in AI-powered solutions for health insurers and payers, recently experienced a significant data breach that may affect members of its client organizations, including Martin's Point Health Care.

The incident was first detected in September 2025, when Insightin Health identified suspicious activity within its networked environment. A third-party application’s previously unknown vulnerability was exploited by an unauthorized actor, allowing access to certain files stored on a limited number of servers between Sept. 17, 2025, and Sept. 23, 2025.

A thorough forensic investigation revealed that files potentially accessed or copied by the unauthorized party contained a range of sensitive information.

The exposed data included member names, dates of birth, non-unique identifiers assigned by health insurance providers, contract numbers, Medicare Beneficiary Identifiers, and information associated with attributed providers.

The attack was linked to the MEDUSA ransomware group, which claimed responsibility on Sept. 26, 2025, via a posting on the Tor network. MEDUSA asserted they had obtained 378 GB of Insightin Health’s data and threatened to publish it within 23 to 24 days if their demands were not met.

The breach was officially disclosed to the Vermont Attorney General on Jan. 29, 2026. The company has also posted a notice on its website.

Insightin Health's response

Upon discovering the breach, Insightin Health remediated the exploited vulnerability, reviewed its security policies, and implemented additional measures to prevent similar incidents in the future.

For those affected, Insightin Health is offering complimentary access to twelve months of credit monitoring and identity protection services through Cyberscout, a TransUnion company. Impacted individuals are encouraged to enroll in these services within ninety days of receiving their notification letter. Details on how to enroll are included in the notice to consumers, which is available at the bottom of this page in PDF format.

Affected individuals are advised to review account statements, monitor free credit reports, and consider placing a fraud alert or credit freeze with the major credit bureaus.

The company’s notice provides further guidance and contact information for assistance.

Types of information affected
  • Names
  • Social Security numbers
  • Dates of birth
  • Addresses
  • Government IDs
  • Medical information
  • Financial information
  • Affected information types not yet disclosed


Affected Entity: Insightin Health
Consumers Notification date:
Date of Breach: September 17, 2025
Breach Discovered Date: September 2023
Total People Affected:
Information Types Exposed:
  • administrative
  • a non-unique identifier assigned by health insurance providers
  • contract numbers
  • Medicare Beneficiary Identifiers issued by the Centers for Medicare and Medicaid
  • information associated with attributed providers
  • date of birth
  • member card issued