Avantic Medical Lab 2025 Data Breach

Avantic Medical Laboratory Breach (2025): ~29K Patient Records Including Diagnostic Results, SSN & Financial Data Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

EverestRansomware / ExtortionMedicalDate of BirthFinancial AccountFull NameGovernment IDHealth InsuranceLab ResultsMedical Diagnosis
High SeverityWebsite / service breach

Avantic Medical Laboratory Breach (2025): ~29K Patient Records Including Diagnostic Results, SSN & Financial Data Exposed

Medical laboratory and diagnostics provider.

Verified by ObscureIQ Intelligence
91/100Breach Risk Index
72Data Value
40Market Recency
286dSince Breach

Breach Intelligence Summary

Entity: Avantic Medical Lab · Actor: Everest · Sources: 2 references
Attack: Ransomware / Extortion
Profile: Healthcare provider · Diagnostic testing services · Medical laboratory network · USA
Timeline: Breach (2025-06-10) · Indexed (Sep 25, 2025) · Year (2025)
Exposure: 29K records · 10 fields: Date of Birth, Financial Account, Full Name, Government ID, Health Insurance, Lab Results, Medical Diagnosis, Phone Number, Physical Address, Social Security Number
Status: Confirmed

Executive Summary

On June 10, 2025, the Everest ransomware group added Avantic Medical Lab to its dark-web leak site, and by July 3-4, 2025 published roughly 31-33 GB of internal files (records spanning 2018-2023). The exposed archives reportedly included patient names, addresses, phone numbers, dates of birth, Social Security numbers and other government IDs, laboratory results, diagnoses and physician notes, health insurance and billing records, and payment card or check images in some cases. Everest did not disclose its intrusion method; researchers suspect stolen VPN/RDP credentials. As of the latest reporting, Avantic had not publicly confirmed the incident or filed with HHS; the record count (~29,112) reflects a DataBreach.com parse rather than an official notification. The breach is catalogued by DataBreach.com and DataBreaches.net.

ObscureIQ assessment: High risk of identity theft, medical fraud, and health-related phishing. Lab data can also reveal sensitive testing status and provider relationships.

Breach Impact

The leak exposed an unusually toxic combination of irreversible clinical data (lab results, diagnoses, physician notes) alongside Social Security numbers, government IDs, insurance records, and payment-card or check images. Unlike credit data, lab histories cannot be reset, so affected patients face lasting identity-theft, insurance-fraud, and medical-privacy harm, and the lab’s lack of formal notification left patients to learn of exposure through leaks and media.

About Avantic Medical Lab

Avantic Medical Lab is a diagnostic testing and clinical laboratory provider headquartered in Edison, New Jersey, serving hospitals, physicians, and patients across New Jersey, New York, and the Pennsylvania metro area. It processes blood draws and other specimens, generating patient identity, insurance, billing, provider-order, and diagnostic-result records as part of routine testing and reporting workflows.

Why They Hold Your Data

Medical laboratories collect patient identity, contact, billing, insurance, provider-order, and diagnostic test records across testing and reporting workflows.

Recent Developments

As of the latest available reporting, Avantic had not issued a public breach notification to patients or regulators and no entry appeared on the HHS breach portal, drawing criticism from privacy advocates. Multiple class-action law firms have opened investigations into the incident.

Data Points Exposed

10 verified field types
Date of Birth High
Financial Account
Full Name High
Government ID Critical
Health Insurance
Lab Results
Medical Diagnosis Critical
Phone Number
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Medical identity fraud and insurance abuse using lab results, diagnoses, and insurance data
  • Identity theft and synthetic identity construction using SSN, DOB, and government IDs
  • Financial fraud using exposed payment-card and check images
  • Extortion or discrimination from exposure of irreversible diagnostic/health data
  • Targeted phishing and vishing referencing lab tests or medical billing
  • Doxxing and physical targeting from exposed home addresses
Threat vectors:
  • Medical extortion, insurance fraud & discrimination
  • Full identity theft & synthetic identity fraud
  • Financial account & payment card fraud
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Home targeting, stalking & physical threat

Threat Actor: Everest

Everest
Ransomware / Extortion

Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the Avantic Medical Lab breach?

On June 10, 2025, the Everest ransomware group added Avantic Medical Lab to its dark-web leak site, and by July 3-4, 2025 published roughly 31-33 GB of internal files (records spanning 2018-2023). The exposed archives reportedly included patient names, addresses, phone numbers, dates of birth,…

What data was exposed?

Verified fields include Date of Birth, Financial Account, Full Name, Government ID, Health Insurance, Lab Results, Medical Diagnosis, Phone Number, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation