.png)
QualDerm Partners Data Breach Affects over 3.1 Million People
QualDerm Partners, LLC, a healthcare management services organization specializing in dermatology and skin care, recently experienced a data breach impacting the personal and health information of over 3.1 million people. The incident was discovered on Dec. 24, 2025, after unauthorized activity was detected on certain systems within the company's network.
According to the notice of the breach posted on the company's website, the breach occurred between Dec. 23 and Dec. 24, 2025, and involved an unauthorized actor gaining access to and removing data from a limited number of internal systems.
The breach was the result of a targeted cyberattack, where an unauthorized actor infiltrated QualDerm’s systems and exfiltrated sensitive data over a short period.
The types of information exposed in this incident varied by individual but included both personally identifiable information (PII) and protected health information (PHI): patient name, date of birth, doctor name, medical record number, date of death, email address, treatment information, diagnosis information and health insurance information, and government-issued identification information, such as a driver’s license number.
The breach affected 3,117,874 people across the country, including at least 174,837 individuals in Texas alone, as reported to the Texas Attorney General on Feb. 24, 2026.
The full scope of the breach is still being reviewed, but the company has already begun notifying affected individuals. Furthermore, the breach was disclosed to the attorney general of California and to the U.S. Department of Health and Human Services.
QualDerm Partners' response
To support those affected, QualDerm is providing complimentary credit monitoring and identity protection services. Impacted individuals are encouraged to remain vigilant by reviewing account statements and Explanation of Benefits forms for suspicious activity.
QualDerm has established a dedicated assistance line at 1-855-522-4707, available Monday through Friday from 8 a.m. to 8 p.m. Eastern time, excluding holidays.
Given the nature of the breach, affected individuals should:
- Monitor financial and medical accounts for unusual or unauthorized activity
- Take advantage of the free credit monitoring and identity protection services offered
- Report any suspicious activity to the relevant institution or provider
Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info- Affected information types not yet disclosed
Data Breach Settlements
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
Subscribe to our weekly class actions newsletter.
.svg)