Pivot Health Data Breach Exposes Sensitive Health Details of Patients

Pivot Health, a tech-driven insurance company specializing in short-term medical insurance and supplemental health products, disclosed a data breach that exposed personal and health insurance information.

A total of 8,391, previously 5,864, individuals were impacted, including 1,172 Texas residents, 94 Indiana residents and 27 Nebraska residents. Pivot Health notified consumers by U.S. mail, as well as posted a notice on its website.pdf).

An unauthorized actor gained access to Pivot Health's Amazon Web Services (AWS) cloud environment at various periods between Feb. 26, 2026, and March 13, 2026. During the roughly two-week window, certain information stored within the AWS environment was viewed or copied by the unknown actor.

After detecting suspicious activity within its AWS environment, Pivot Health secured its systems and launched an investigation with the assistance of third-party forensic specialists to determine the nature and scope of the unauthorized access.

The types of information exposed included names, dates of birth, health insurance information (including health insurance billing and payment information), identification numbers such as member identification, person identification, certificate identification and coverage identification, dates of coverage, and in some cases, financial account information.

Pivot Health's response to the breach

Pivot Health directed affected individuals to resources they can use to monitor their own credit, including free annual credit reports available from each of the three major credit reporting bureaus.

For those with questions about the incident, Pivot Health has set up a dedicated toll-free assistance line at 844-593-8519. The line is available Monday through Friday from 8:00 a.m. to 8:00 p.m. EST, excluding U.S. holidays. Individuals may also write to the company at 401 North Miami Ave., Suite 205, Miami, Fla. 33127.