Veradigm Data Breach Exposes SSNs and Medical Records of 2.6M People

On July 1, 2025, Veradigm , a national healthcare technology provider, discovered a significant data breach affecting at least 2,672,036 individuals across the United States.

An investigation revealed that the cybersecurity incident, involving unauthorized access to a storage account containing sensitive patient data, took place around Dec. 15, 2024. The breach is considered severe due to the combination of data types exposed, which can be used for identity theft and insurance fraud.

The types of information exposed included names, contact information, dates of birth, Social Security numbers, driver's license numbers, health insurance information, medical records including diagnoses, medications, test results and treatments and payment details. Veradigm began notifying impacted medical practices and their patients by mail on Sept. 22, 2025. The company also posted a notice of data security incident on its website.

Veradigm disclosed the breach to various state agencies beginning on Sept. 22, 2025, including the California, Massachusetts, Oregon, South Carolina, Vermont, Montana, Washington and Texas Attorney Generals' offices.

The state specific disclosures note that there have been 43,684 Texans, 23,491 South Carolina residents, 845 in Washington, 54 in Montana and 202 in Massachusetts affected by the breach.

Veradigm's response

In response to the breach, Veradigm engaged cybersecurity experts to conduct a thorough review of the impacted storage account. In addition to required state and federal disclosures, the company is offering free Experian IdentityWorks credit monitoring services to all impacted indivuals.

If you receive a notice from Veradigm or your provider about this breach, you may want to:

• Sign up for the free credit monitoring services, provided by the company.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.