3.1 Million Impacted by QualDerm Data Breach
Healthcare management services provider QualDerm is notifying more than 3.1 million people that their personal, medical, and health insurance information was stolen in a December 2025 data breach.
Brian Bell, CEO at FusionAuth, had this to say:
“Healthcare keeps struggling with identity because the industry has treated access management as a compliance exercise rather than a security architecture decision. The problem isn’t just that someone got in, it’s that once inside, there was nothing limiting what they could reach. Authorization controls, audit trails, isolated infrastructure; that’s what turns a catastrophic breach into a contained incident. Without it, you’re doing forensics on a disaster instead of preventing one.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy, adds this:
“This is a concerning development for QualDerm patients, as the breach exposes quite a bit of personal, medical, and identification-related information, leaving them open to possible phishing and identity theft schemes. Affected patients should keep an eye out for phishing schemes using the gleaned info and should also immediately take advantage of the free identity theft and credit monitoring services offered by the company.”
Once again the healthcare sector gets pwned. The fact that this sector keeps getting pwned should be a wake-up call that something needs to be done to change the direction of travel. But sadly that does not seem to be happening.
This entry was posted on March 24, 2026 at 2:35 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.