A healthcare data breach involving Vikor Scientific has exposed the personal and medical information of nearly 140,000 individuals. The incident originated from a third-party compromise at Catalyst RCM, a service provider that managed data for the diagnostic laboratory.
The U.S. Department of Health and Human Services recently updated its official tracker to include the South Carolina-based company, now known as Vanta Diagnostics. According to the federal data, exactly 139,964 people had their sensitive information compromised during the event. This disclosure follows a period of investigation into how the diagnostic firm's records were accessed and subsequently leaked online by unauthorized actors.
Evidence of the breach first surfaced in November 2025 when the Everest ransomware group added Vikor Scientific and its affiliates, KorPath and Korgene, to a public leak site. Shortly after the listing, the cybercriminals began publishing documents they claimed to have exfiltrated from the companies' systems. Despite the labs being the primary victims listed on the federal tracker, the source of the vulnerability was eventually traced back to a different organization entirely.
The security failure actually occurred at Catalyst RCM, a vendor responsible for revenue cycle management solutions for the laboratories. Catalyst reported that it identified suspicious activity within its secure file management environment during the middle of November. The company's internal investigation determined that attackers had utilized compromised credentials to bypass security measures and gain entry to the system where client data was stored.
A detailed review of the stolen files confirmed that the breach included a wide array of highly sensitive personal data. The information accessed by the hackers included full names, dates of birth, and health insurance details. Furthermore, the compromised files contained payment card information and specific medical records, posing a significant risk of identity theft and financial fraud for those impacted by the leak.
The cybercriminals behind the attack claimed to have stolen approximately 12GB of internal documents belonging to the various diagnostic entities. While the laboratories themselves were not the direct targets of the initial hack, the reliance on a third-party provider for administrative services resulted in a massive exposure of patient data. This incident highlights the ongoing vulnerability of the healthcare sector to supply chain attacks and credential-based breaches.
Source: US Healthcare Diagnostic Firm Says 140,000 Impacted By Data Breach