In a significant cybersecurity incident, a data breach has impacted nearly 140,000 individuals associated with a US healthcare diagnostic firm. The breach was disclosed by Vikor Scientific, a company specializing in molecular diagnostics, recently rebranded as Vanta Diagnostics.
Details of the Data Breach
The breach was highlighted on the US Department of Health and Human Services (HHS) data breach tracker, bringing to light the compromised information of 139,964 individuals linked to the South Carolina-based firm. The incident was initially uncovered in November 2025, when the Everest ransomware group listed Vikor Scientific and its associated labs, KorPath and Korgene, on its data leak website.
The Everest group subsequently released data purportedly stolen from these entities. However, the breach’s origin is traced back to Catalyst RCM, a revenue cycle management solutions provider, rather than a direct attack on Vikor and its affiliates.
Investigation and Findings
Earlier this month, Catalyst RCM disclosed a breach notice on its website. The company detected suspicious activities within its secure file management system in mid-November 2025. An internal investigation revealed that unauthorized access was gained through compromised credentials, leading to the exposure of sensitive data.
The stolen files contained personal information such as names, dates of birth, payment card details, medical data, and health insurance information. The Everest ransomware group claims to have extracted approximately 12GB of documents from Vikor, KorPath, and Korgene.
Ongoing Concerns and Implications
Catalyst RCM, responsible for medical coding and billing services for Vikor Scientific and its affiliates, has notified affected individuals about the compromised data. However, the exact number of individuals impacted remains uncertain, as Catalyst, KorPath, and Korgene have not yet provided detailed figures to the HHS.
Efforts to clarify the total number of affected people are ongoing, with SecurityWeek reaching out to Catalyst RCM for further information. This incident highlights the critical need for robust cybersecurity measures in the healthcare sector to protect sensitive patient data.
As investigations continue, the healthcare industry remains alert to potential ramifications, with stakeholders working to ensure enhanced data protection protocols are implemented moving forward.
