Veradigm Data Breach Exposes Thousands of SSNs and Medical Records

On July 1, 2025, Veradigm , a national healthcare technology provider, discovered a significant data breach affecting at least tens of thousands of individuals across the United States.

An investigation revealed that the cybersecurity incident, involving unauthorized access to a storage account containing sensitive patient data, took place around Dec. 15, 2024.

The types of information exposed included names, contact information, dates of birth, Social Security numbers, driver's license numbers, health insurance information, medical records including diagnoses, medications, test results and treatments and payment details.

The total number of individuals affected has not been released but includes tens of thousands of patients from multiple healthcare practices. Veradigm began notifying impacted medical practices and their patients by mail on Sept. 22, 2025.

Veradigm disclosed the breach to various state agencies beginning on Sept. 22, 2025, including the California, Massachusetts, South Carolina, Vermont, Montana and Texas Attorney Generals' offices.

The state specific disclosures note that there have been 41,523 Texans, 23,491 South Carolina residents, 54 in Montana and 202 in Massachusetts affected by the breach.

The breach is considered severe due to the combination of data types exposed, which can be used for identity theft and insurance fraud.

Veradigm's response

In response to the breach, Veradigm engaged cybersecurity experts to conduct a thorough review of the impacted storage account. In addition to required state and federal disclosures, the company is offering free Experian IdentityWorks credit monitoring services to all impacted indivuals.

If you receive a notice from Veradigm or your provider about this breach, you may want to:

• Sign up for the free credit monitoring services, provided by the company.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.