Cyber Incident Victim: QualDerm Partners

QualDerm Partners discovered thedata breach on December 24, 2025, after detecting unauthorized access to its network that persisted for two days. During this two‑day window, threat actors gained entry to a limited number of systems and exfiltrated certain information from those systems. The company’s incident notification states that the stolen data includes names, addresses, dates of birth, email addresses, medical record numbers, doctor names, treatment and diagnosis details, health insurance information, dates of death, and, in some cases, government‑issued identification numbers. QualDerm indicated that its investigation into the breach is ongoing and that it has begun notifying the patients whose information has been identified to date.

Upon discovery, QualDerm immediately activated its incident response plans and took steps to contain the unauthorized activity within its network. The company then conducted an assessment of the security of its systems to determine the extent of the compromise and to prevent further access. As part of its response, QualDerm notified law enforcement agencies and relevant regulatory bodies about the breach. It also reported the incident to the United States Department of Health and Human Services, specifying that 3,117,874 individuals were affected by the attack.

The breach was initially reported to HHS the previous month and was added to the department’s breach portal this week. In response to the impact, QualDerm is providing the affected individuals with twelve months of free identity theft and credit monitoring services. Headquartered in Brentwood, Tennessee, QualDerm Partners delivers healthcare management services to 158 practices across seventeen states, supporting specialties such as cosmetics, dermatology, pathology, plastic surgery, and skin cancer care.