What You Need to Know about the QualDerm Partners Data Breach
- Published: Mar 26, 2026
- Last Updated: Mar 26, 2026
QualDerm Partners, LLC is a healthcare management services provider headquartered in Brentwood, Tennessee. The company offers comprehensive administrative, clinical, and operational support to dermatology practices nationwide. QualDerm provides management resources, funding, and operational services, including patient records management, billing, insurance processing, and other essential services to improve efficiency and care quality across its network of clinics.
QualDerm Partners supports 158 dermatology and skin care practices across 17 U.S. states, covering cosmetics, dermatology, pathology, plastic surgery, and skin cancer care. The company treats more than 120,000 patients monthly through its network of affiliated practices.
On December 24, 2025, QualDerm detected unauthorized activity on certain systems within its network. An investigation with third-party cybersecurity forensics experts determined that an unauthorized actor gained access to a limited number of systems between December 23 and December 24, 2025, and removed certain information stored within those systems.
The breach compromised the personal and protected health information of 3,117,874 individuals, making it one of the largest healthcare data breaches of late 2025 and early 2026. Among those affected are 174,837 Texas residents, with additional individuals across the other 16 states where QualDerm operates.
While QualDerm states it has no evidence of misuse of the stolen information, the sensitive nature of the data presents a significant risk for identity theft and medical fraud. The threat actor behind the attack remains unknown, and no ransomware group has publicly claimed responsibility. QualDerm is offering 12 months of complimentary credit monitoring and identity theft protection services to all affected individuals.
When Was the QualDerm Partners Data Breach?
On December 24, 2025, QualDerm Partners detected unauthorized activity on certain systems within its network. This was Christmas Eve, when many organizations operate with reduced staff, potentially making them more vulnerable to cyberattacks.
The company promptly contained the activity and launched an investigation with third-party cybersecurity forensics experts. The investigation determined that an unauthorized actor accessed a limited number of systems between December 23 and 24, 2025, a window of approximately two days. During this brief period, attackers accessed and exfiltrated certain information. The short time frame suggests a targeted cyberattack by sophisticated threat actors who moved quickly before being detected.
QualDerm immediately secured its network and notified federal law enforcement and regulatory agencies. The breach was reported to the HHS Office for Civil Rights, which added it to the HHS breach portal in March 2026, confirming that 3,117,874 individuals were affected. Notification letters began mailing on February 22, 2026, nearly two months after discovery. State attorneys general were notified, including those of Texas (174,837 residents affected) and Oregon.
The investigation continues, and QualDerm is reviewing its data security policies, procedures, and protocols to prevent similar incidents.
How to Check If Your Data Was Breached
If you are a current or former patient of any dermatology or skin care practice affiliated with QualDerm Partners in any of the 17 states where the company operates, your information may have been compromised. Here's how to verify:
- Check your mail for notification letters from QualDerm Partners sent starting February 22, 2026. The letters include details about the breach, information about what types of your data were compromised, and instructions for enrolling in complimentary credit monitoring and identity protection services.
- Contact QualDerm Partners directly if you believe you may have been affected but have not received notification. Call their dedicated assistance line at 1-855-522-4707, Monday through Friday from 8:00 a.m. to 8:00 p.m. Eastern Time (excluding holidays).
- Review the data breach notification posted on QualDerm's website for additional information about the incident.
- If you've received care at a dermatology, skin cancer care, cosmetics, plastic surgery, or pathology practice and are unsure if it's affiliated with QualDerm Partners, contact your provider's office to ask if they use QualDerm for practice management services.
Types of information potentially compromised include:
- Full names, addresses, and dates of birth
- Email addresses
- Medical record numbers
- Doctors' names
- Treatment information and diagnosis information
- Health insurance information
- Patient account information
- Dates of death (for deceased patients)
- Government-issued identification information, such as driver's license numbers (in some cases)
The specific types of information compromised vary from individual to individual. Your notification letter will specify which of your data types were affected in this breach.
What to Do If Your Data Was Breached
If you received a notification letter from QualDerm Partners, take these steps immediately:
- Enroll in the Free Credit Monitoring and Identity Protection Services
QualDerm Partners is offering 12 months of complimentary credit monitoring and identity theft protection services to all affected individuals. Follow the instructions in your notification letter to enroll. Enrollment details and deadlines should be specified in your letter. Contact the dedicated assistance line at 1-855-522-4707 if you need help with enrollment.
- Monitor Your Medical Records and Insurance
Since medical information was compromised, regularly review explanation of benefits (EOB) statements from your health insurance company for unfamiliar medical services, procedures, prescriptions, or equipment purchases. Medical identity theft can corrupt your medical records with incorrect diagnoses or treatments, potentially leading to dangerous medical errors.
Contact your insurance company immediately if you notice suspicious activity. Request copies of your medical records and review them for accuracy.
- Review Financial Accounts and Credit Reports
If your driver's license number or other government-issued ID was compromised, criminals could attempt to open credit accounts or apply for loans in your name. Check bank accounts and credit cards for unauthorized transactions. Order free credit reports from all three bureaus (Equifax, Experian, TransUnion) at AnnualCreditReport.com or call 1-877-322-8228. Review carefully for accounts you didn't open or inquiries you didn't authorize.
- Consider a Credit Freeze or Fraud Alert
Place a credit freeze on your credit file at all three bureaus, preventing new creditors from accessing your credit report without your authorization. Alternatively, place a fraud alert requiring creditors to verify your identity before opening new accounts. Both options are free.
- Be Alert for Phishing Attempts
Criminals may use stolen information to conduct targeted phishing attacks. Be cautious of unexpected emails, calls, or texts claiming to be from dermatology practices, QualDerm Partners, insurance companies, or healthcare providers requesting personal information or payment. Verify legitimacy by contacting organizations directly using contact information you find independently.
- Report Suspicious Activity
Report suspected identity theft or fraud to the applicable institution, law enforcement, your state Attorney General, and the Federal Trade Commission at www.identitytheft.gov or 1-877-ID-THEFT (1-877-438-4338).
Are There Any Lawsuits?
As of late March 2026, several law firms are investigating potential class action lawsuits:
Edelson Lechtzin LLP announced on March 24, 2026, that it is investigating data privacy claims, seeking legal remedies for individuals whose data may have been compromised. Contact: Marc Edelson, Esq., at 844-696-7492 ext. 2 or medelson@edelson-law.com. Class Action U is also investigating potential claims, noting compensation may be available for expenses, identity protection services, and damages.
While no formal lawsuits have been filed yet, the massive scale of the breach (over 3.1 million individuals affected) and the sensitivity of the compromised medical data make litigation likely. Potential claims could focus on negligence in cybersecurity, HIPAA violations, delayed notification (nearly two months from discovery to letters), and breach of contract to safeguard information.
If you are interested in a potential legal claim, contact the investigating law firms for a free consultation. Class action investigations typically have no cost, with attorneys working on contingency.
Can My Information Be Used for Identity Theft?
Yes. While QualDerm states it has no evidence that the stolen data has been misused, the combination of data types exposed creates a significant risk for multiple forms of identity theft and fraud:
- Medical Identity Theft
The extensive medical information exposed is particularly concerning. Criminals can use health insurance information, medical record numbers, and patient account information to obtain medical services, prescription drugs, or medical equipment in your name. This corrupts your medical records with incorrect diagnoses, treatments, or prescriptions—potentially leading to dangerous medical errors when you genuinely need care. It can also result in insurance claim denials and collection notices for services you never received.
- Financial Identity Theft
For individuals whose government-issued identification numbers (such as driver's license numbers) were compromised, criminals could attempt to open credit cards, apply for loans, file fraudulent tax returns, or create synthetic identities combining real and fake information. With names, dates of birth, and addresses also exposed, attackers have significant personal details to facilitate financial fraud.
- Insurance Fraud
With health insurance information and patient account details, criminals can file fraudulent insurance claims or sell your insurance information to others on the dark web. This could lead to your insurance coverage limits being reached by fraudulent claims, leaving you without coverage when you actually need it.
- Targeted Phishing and Social Engineering
The combination of medical details, treatment information, diagnosis information, and doctors' names allows criminals to craft highly convincing phishing emails or phone calls impersonating healthcare providers, insurance companies, or dermatology practices. These attacks can trick victims into revealing additional information, making payments, or clicking on malicious links.
- Long-Term Risk from Medical Information
Medical information is particularly valuable because it doesn't change over time like credit card numbers or passwords. Your diagnosis and treatment information remain valid and usable by criminals for years. The 12-month credit monitoring period provides temporary protection, but the risk persists indefinitely, making it crucial to remain vigilant about monitoring your medical records and insurance statements for years to come.
What Can You Do to Protect Yourself Online?
Beyond immediate steps for this breach, adopt long-term strategies to protect your information:
- Practice Strong Password and Account Security
Use strong, unique passwords (12+ characters with uppercase, lowercase, numbers, symbols) for every account, including patient portals and health insurance accounts. Never reuse passwords. Use a password manager to generate and store complex passwords. Enable multi-factor authentication on all accounts that offer it.
- Monitor Your Medical and Financial Records Regularly
Review explanation of benefits statements, credit reports, bank statements, and medical records regularly for suspicious activity. Request annual copies of your medical records from healthcare providers and review for accuracy. Set up account alerts for unusual activity. Check credit reports from all three bureaus at AnnualCreditReport.com.
- Understand Healthcare Third-Party Risks
The QualDerm breach demonstrates how behind-the-scenes healthcare management companies can expose millions. When receiving care at dermatology or other specialty practices, understand your data may be shared with practice management vendors, billing companies, and administrative service providers. Ask providers about their data security practices and which third parties access your information.
- Be Cautious About Information Sharing
Provide only information that is absolutely necessary when filling out medical forms. Review privacy policies on patient portals and health apps. Be mindful of what medical and personal information you share online or through unsecured channels.
- Consider Comprehensive Long-Term Identity Protection
While QualDerm offers 12 months of free credit monitoring, the risks from compromised medical information persist for years. Consider subscribing to comprehensive long-term identity theft protection. IDStrong offers credit monitoring across all three bureaus, dark web surveillance, social media monitoring, and up to $1 million in identity theft insurance coverage.
The QualDerm Partners breach affecting over 3.1 million individuals underscores the vulnerability of healthcare management systems that serve multiple practices. When a single vendor manages patient data for 158 practices across 17 states, a breach at that vendor can have devastating nationwide consequences. Remaining vigilant about protecting your medical and personal information is essential in today's healthcare environment.