Veradigm Data Breach
Veradigm Health IT Platform Breach (2025): 2.3 Million Patient Records Including Medical Diagnoses & SSN
Healthcare technology company providing software, data, and analytics solutions.
Risk Interpretation
Severe risk because the platform sits inside clinical data flows at scale. Exposure can enable medical fraud, prescription abuse, identity theft, and provider impersonation.
Impact & Downstream Threats
Veradigm discovered unauthorized access to its systems on July 1, 2025, with the investigation confirming exposure of sensitive data for more than 84,000 individuals. Exposed information included names, Social Security numbers, driver's license numbers, dates of birth, contact details, diagnoses, medications, test results, health insurance information, and payment details. Veradigm notified affected individuals on September 22, 2025, and implemented additional technical safeguards. A consolidate
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
- Medical identity fraud or insurance abuse using health data
Threat Vectors
Breach Intelligence
Executive Summary
Veradigm, a healthcare technology company that processes clinical and administrative data on behalf of physician practices and health systems, discovered unauthorized access to its systems on July 1, 2025. The breach affected more than 84,000 individuals, including patients whose records were held within Veradigm's platform. The attack vector has not been publicly disclosed. Veradigm was formerly known as Allscripts Healthcare Solutions and rebranded in 2023; many affected patients would not have recognized the company's name or known their data was held there. The exposed data included names, Social Security numbers, driver's license numbers, dates of birth, home addresses, phone numbers, email addresses, medical diagnoses, medications, test results, health insurance details, account balances, and payment information. This combination is particularly dangerous. Social Security numbers enable identity theft and fraudulent credit applications. Medical diagnoses and insurance details can be used to submit false insurance claims or obtain prescription drugs under a victim's identity. Account balance data adds a direct financial dimension to the exposure. Veradigm notified affected individuals on September 22, 2025, and reported implementing additional technical safeguards. A consolidated class-action lawsuit, Goodrum et al. v. Veradigm, Inc., reached a $10.5 million settlement. Eligible individuals could claim up to $5,000 for documented out-of-pocket losses, a $50 flat cash payment, or two years of medical data monitoring. The claim deadline was March 16, 2026. Affected individuals should monitor their credit reports, review their health insurance statements for unfamiliar claims, and consider placing a fraud alert or credit freeze with the major credit bureaus.
About Veradigm
Veradigm is a healthcare technology company providing electronic health record software, data analytics, and life sciences research services to physician practices, health systems, and pharmaceutical organizations. The company was formerly known as Allscripts Healthcare Solutions before rebranding to Veradigm in 2023 to reflect its focus on data and analytics. It serves thousands of healthcare provider organizations and holds large volumes of patient clinical and administrative data.
Why They Hold Your Data
Health IT platforms collect provider, patient, prescribing, claims, billing, and workflow data across electronic records, analytics, and healthcare software systems.
Recent Developments
Veradigm completed its rebranding from Allscripts in 2023 and has continued repositioning itself as a health data and analytics business. The company has faced financial pressure and strategic restructuring. The 2025 breach and associated $10.5 million settlement were the most significant legal and reputational events of the recent period.
Data Points Exposed
Exposure Categories
Canonical Fields
account_balance, email_address, full_name, medical_diagnosis, phone_number, physical_address:home, ssn
Dark Web Verification
- Dataset containing ~2.3M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: veradigm-2025
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Veradigm
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam