Medical laboratory and diagnostics provider.
On June 10, 2025, the Everest ransomware group added Avantic Medical Lab to its dark-web leak site, and by July 3-4, 2025 published roughly 31-33 GB of internal files (records spanning 2018-2023). The exposed archives reportedly included patient names, addresses, phone numbers, dates of birth, Social Security numbers and other government IDs, laboratory results, diagnoses and physician notes, health insurance and billing records, and payment card or check images in some cases. Everest did not disclose its intrusion method; researchers suspect stolen VPN/RDP credentials. As of the latest reporting, Avantic had not publicly confirmed the incident or filed with HHS; the record count (~29,112) reflects a DataBreach.com parse rather than an official notification. The breach is catalogued by DataBreach.com and DataBreaches.net.
ObscureIQ assessment: High risk of identity theft, medical fraud, and health-related phishing. Lab data can also reveal sensitive testing status and provider relationships.
The leak exposed an unusually toxic combination of irreversible clinical data (lab results, diagnoses, physician notes) alongside Social Security numbers, government IDs, insurance records, and payment-card or check images. Unlike credit data, lab histories cannot be reset, so affected patients face lasting identity-theft, insurance-fraud, and medical-privacy harm, and the lab’s lack of formal notification left patients to learn of exposure through leaks and media.
Avantic Medical Lab is a diagnostic testing and clinical laboratory provider headquartered in Edison, New Jersey, serving hospitals, physicians, and patients across New Jersey, New York, and the Pennsylvania metro area. It processes blood draws and other specimens, generating patient identity, insurance, billing, provider-order, and diagnostic-result records as part of routine testing and reporting workflows.
Medical laboratories collect patient identity, contact, billing, insurance, provider-order, and diagnostic test records across testing and reporting workflows.
As of the latest available reporting, Avantic had not issued a public breach notification to patients or regulators and no entry appeared on the HHS breach portal, drawing criticism from privacy advocates. Multiple class-action law firms have opened investigations into the incident.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.
If you believe your information may be included:
On June 10, 2025, the Everest ransomware group added Avantic Medical Lab to its dark-web leak site, and by July 3-4, 2025 published roughly 31-33 GB of internal files (records spanning 2018-2023). The exposed archives reportedly included patient names, addresses, phone numbers, dates of birth,…
Verified fields include Date of Birth, Financial Account, Full Name, Government ID, Health Insurance, Lab Results, Medical Diagnosis, Phone Number, Physical Address, Social Security Number.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation