
Avantic Medical Lab Breach

Jun 10, 2025

29,112 rows

Added on Sep 25, 2025


What happened in the Avantic Medical Lab Breach?

DataBreach.com Team · September 24th 2025, 8:00 pm EDT

On June 10, 2025, the Everest ransomware group added Avantic Medical Lab - a diagnostic services provider headquartered in Edison, New Jersey - to its dark web leak site. By July 3-4, the group published what it claimed was 31-33 GB of internal files, including sensitive patient data. Despite the exposure, Avantic has not publicly confirmed the incident, and no entry for the lab appears on the U.S. Department of Health and Human Services’ HIPAA breach portal as of this writing.  
   

What was stolen    

Leaked archives reportedly contained:    

  • Patient names, addresses, phone numbers, and dates of birth     
  • Social Security numbers and other government identifiers     
  • Laboratory results, diagnoses, and physician notes     
  • Health insurance and billing records     
  • Payment card and check images in some cases     

The breadth of data indicates compromise of both clinical and administrative systems, raising risk of identity theft alongside exposure of protected health information (PHI).
       

How the intruders got in    

Everest did not disclose its intrusion method. No forensic report has been released by Avantic. Based on patterns in other Everest campaigns, researchers suspect initial access was gained through stolen VPN or remote-desktop credentials, followed by lateral movement into file servers containing patient records. Without confirmation, the vector remains speculative.  
   

Scope by the numbers    

  • 31-33 GB of files posted publicly    
  • Dataset includes tens of thousands of patient records (exact count not yet confirmed)     
  • Exposure spans medical, financial, and insurance data categories     

Immediate fallout    

Security researchers flagged the leak within days, noting the combination of clinical test results and Social Security numbers is unusually toxic for victims. While consumer credit data can be changed, lab histories cannot - making the Avantic breach especially sensitive.

Some files reviewed by analysts included explanation-of-benefits (EOB) forms and payment records, which could be misused for insurance fraud. The inclusion of lab test results also increases risks of stigma or discrimination if data circulates publicly.
    

Company response    

As of late September 2025, Avantic has not issued a breach notification to patients or regulators. Its public website contains only a generic HIPAA Privacy Notice. That silence has drawn criticism from privacy advocates, who argue affected patients have been left in the dark.    
    

Ongoing significance    

The Avantic case illustrates how ransomware crews continue to target healthcare providers for their rich PHI stores. Unlike retail or entertainment breaches, the exposure here spans irreversible health data, amplifying harm beyond credit monitoring.

Regulators and class-action attorneys are watching closely. Unless Avantic acknowledges the incident and begins notification, patients may only learn of their exposure through underground dumps and media reports.
