DentaQuest Breach Exposed Sensitive Data of 2.6 Million Accounts
DentaQuest, a major U.S. dental benefits administrator owned by Sun Life, disclosed a cybersecurity incident involving unauthorized access to a limited portion of its network, exposing sensitive information tied to 2.6 million accounts. The breach was first publicized by the extortion group ShinyHunters, which claimed to have stolen more than 234 GB of data and later leaked the dataset after an alleged failure to reach an agreement with the company.
Analysis of the leaked data found records containing email addresses, full names, phone numbers, dates of birth, genders, government-issued IDs, and health insurance information. DentaQuest said its systems remained operational and customer service saw only limited disruption while external experts investigated the scope of the compromise, but the exposed data significantly increases the risk of phishing, social engineering, identity theft, and related fraud targeting affected individuals.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
Have I Been Pwned reports leaked DentaQuest dataset contains 2.6 million records
Have I Been Pwned analyzed the leaked DentaQuest dataset and reported that it contained records for 2.6 million accounts. The exposed information included email addresses, names, phone numbers, government-issued IDs, health insurance information, genders, and dates of birth.
ShinyHunters lists DentaQuest and claims theft of 234 GB of data
The extortion group ShinyHunters publicly listed DentaQuest on its leak site and claimed to have stolen more than 234 GB of data from the company. The group later leaked the data after an alleged failure to reach an agreement with DentaQuest.
DentaQuest confirms data breach affecting 2.6 million accounts
On 2026-06-02, DentaQuest confirmed a cybersecurity incident involving unauthorized access to a limited portion of its network. The company said systems remained operational, customer service disruption was limited, and external experts were engaged to investigate the scope of compromised data.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
4 references tracked. Mallory keeps watching after this page renders.
DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People
securityaffairs.com
Open sourceHacking Group Claims Responsibility for Multi-Million-Record DentaQuest Data Breach
hipaajournal.com
Open sourceDentaQuest data breach exposes sensitive information of 2.6 million accounts | brief | SC Media
scworld.com
Open sourceDentaQuest data breach exposed info of 2.6 million accounts
bleepingcomputer.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Delta Dental of Virginia Email Account Breach Exposes Customer Data
Delta Dental of Virginia experienced a security incident in which an unauthorized party gained access to a corporate email account between March 21 and April 23, 2025. This breach resulted in the exposure of sensitive information belonging to approximately 146,000 customers, including names, Social Security numbers, government ID numbers, and protected health information. The company detected suspicious activity on April 23 and immediately launched an investigation with the assistance of external cybersecurity experts. There is currently no evidence that the compromised data has been misused, but Delta Dental of Virginia is offering affected individuals complimentary identity protection and credit monitoring services for one year. Delta Dental of Virginia provides dental insurance and manages oral health programs for individuals, families, and employers across the state. The breach notification was filed with the Office of the Maine Attorney General, and the company has taken steps to notify impacted customers. The incident highlights the risks associated with email account compromises in the healthcare sector, particularly regarding the exposure of sensitive personal and health information. No evidence of data abuse has been reported so far, but customers are advised to remain vigilant for potential identity theft or fraud attempts.
Mar 21, 2026
QualDerm breach exposed health and personal data of 3.1 million patients
QualDerm Partners, a Tennessee-based healthcare management company that supports dermatology practices, disclosed a cyberattack that exposed the personal and protected health information of more than **3.1 million** individuals. The company said it detected unusual activity on December 24 and later determined that an unauthorized actor accessed a limited number of internal systems between December 23 and December 24, 2025, and exfiltrated stored data. The stolen information reportedly included names, dates of birth, medical record numbers, treatment and diagnosis details, health insurance information, and driver’s license numbers, making the incident one of the larger recent healthcare data breaches. QualDerm notified the U.S. Department of Health and Human Services Office for Civil Rights, informed law enforcement and regulators, and began offering affected individuals complimentary identity protection and credit monitoring; the company did not publicly attribute the intrusion, disclose the volume of data taken, or say whether a ransom demand was involved.
May 25, 2026
Figure Data Breach Linked to Employee Social Engineering and ShinyHunters Leak
**Figure Technology Solutions**, a blockchain-based lending/fintech firm, confirmed a **data breach** after an employee was **socially engineered**, enabling attackers to access and exfiltrate a **limited number of files**. The company said it is communicating with partners and impacted individuals, has begun sending notifications, and is offering **free credit monitoring** to recipients of breach notices; it has not publicly disclosed the total number of affected individuals or when the incident was detected. The cybercrime group **ShinyHunters** claimed responsibility and alleged Figure refused to pay a ransom, publishing about **2.5GB** of purportedly stolen data on its leak site. Journalists who reviewed samples reported the exposed data included **names, home addresses, dates of birth, and phone numbers**, increasing risk of identity fraud and follow-on phishing. ShinyHunters also told reporters the intrusion was part of a broader campaign affecting organizations including **Harvard University** and **UPenn**, and referenced victims that rely on **Okta** for single sign-on.
Mar 21, 2026