Cyber Incident Victim: KorPath

In mid‑November 2025 Catalyst RCM detected suspicious activity within its secure file management system and launched an investigation that revealed compromised credentials had been used to gain access to stored files. The investigation showed that the exfiltrated files contained names, dates of birth, payment card details, medical information, and health insurance information belonging to individuals whose data Catalyst held as part of its medical coding and billing services for Vikor Scientific, KorPath, and Korgene. Shortly after the discovery, the Everest ransomware group added Vikor Scientific, KorPath, and Korgene to its leak website in November 2025 and later published data it claimed had been stolen from those companies. The public disclosure indicated that the attackers had not targeted the diagnostic firms directly but had obtained the information through the third‑party revenue‑cycle provider.

Catalyst RCM published a data breach notice on its website earlier this month (January 2026) detailing the incident and specifying the categories of personal data that were compromised. The notice explained that the compromised data was in Catalyst’s possession because of the services it provides to Vikor Scientific, KorPath, and Korgene. The US Department of Health and Human Services healthcare data breach tracker lists Vikor Scientific, which recently rebranded as Vanta Diagnostics, as the victim of a breach affecting 139,964 individuals. Catalyst, KorPath, and Korgene have not yet supplied their own impact numbers to the HHS, leaving it unclear whether the 139,964 figure represents the total affected across all entities or if the actual number is higher.

Catalyst’s investigation identified compromised credentials as the entry point and the company subsequently notified the impacted individuals of the breach. KorPath has not shared the number of individuals affected by the incident with the HHS. The breach remains under review by the relevant authorities and the involved parties.