DentaQuest Data Breach (2026)
In May 2026, the dental benefits administrator DentaQuest was the target of a ShinyHunters "pay or leak" extortion campaign that resulted in the group publicly publishing hundreds of gigabytes of data allegedly obtained from the company. The data included 2.6M unique email addresses along with names, addresses and phone numbers. Much of the data appeared in healthcare enrollment files (ASC X12 transaction sets) with some containing Medicaid IDs, while additional data appeared in member records and related files. DentaQuest acknowledged "a cybersecurity incident involving unauthorized access to
On May 23, 2026, dental benefits administrator DentaQuest became the latest victim of the ShinyHunters group, which published hundreds of gigabytes of stolen data after a “pay or leak” extortion attempt. The breach exposed records belonging to 2.6 million people, including names, physical addresses, phone numbers, email addresses, dates of birth, genders, government-issued IDs, Medicaid IDs, and health insurance information.
Confirmed Details of the Incident
Public reporting indicates the attackers gained unauthorized access to DentaQuest systems and exfiltrated large volumes of member data. Much of the information appeared in healthcare enrollment files using ASC X12 transaction sets, with additional records drawn from member databases. DentaQuest later confirmed a cybersecurity incident involving unauthorized access but has not released a full technical timeline.
The exposed dataset contained 2.6 million unique email addresses along with corresponding personal details. Government-issued identifiers and health insurance data were present in multiple file types, increasing the sensitivity of the leak. The group ultimately chose to publish the material publicly after the extortion deadline passed.
Why This Matters for You and Your Family
If you or anyone in your household has ever been covered under a DentaQuest dental plan, your personal information may now be available to identity thieves, scammers, and doxxers. Names, addresses, phone numbers, dates of birth, and government IDs together form the core dataset needed for tax fraud, loan applications in your name, or targeted phishing campaigns.
Health insurance details add another layer of risk. Criminals can use them to file false medical claims, order prescription drugs, or impersonate you when dealing with insurers. Children covered under family plans are not exempt; their dates of birth and Medicaid IDs can be exploited years later when they become adults.
The Doxxing and Identity-Chain Risks
A single breach rarely stays isolated. Once names, emails, and addresses are public, attackers can cross-reference them with usernames found on gaming platforms, social media, and older forum leaks. This creates an identity chain that links your real-world identity to online handles, making doxxing and swatting far easier.
Credential leaks of this kind frequently cascade into account takeovers. A reused password taken from the DentaQuest files can open the door to email, banking, or gaming accounts. When those accounts belong to your children, the consequences range from harassment in games to broader exposure of family photos, school details, and home address.
ShinyHunters’ Public Track Record
Public reporting attributes the DentaQuest campaign to ShinyHunters, a group known for “pay or leak” extortion since at least 2020. The actors have previously targeted organizations in healthcare, education, and technology, often publishing sample data before releasing full archives if ransom demands are ignored.
Their typical playbook begins with initial access through stolen credentials or vulnerabilities, followed by exfiltration of customer or member databases. They then contact the victim with a ransom demand and set a short deadline. When payment is not made, they upload the material to leak sites and advertise it on hacking forums. This pattern has repeated across dozens of incidents documented by researchers.
What to Do
- Run a DoxxScan to map every link between your emails, phone numbers, addresses, and online handles that may have surfaced in this or earlier breaches.
- Rotate any password you used for DentaQuest or related health portals anywhere else it is reused, and switch to 2FA through an authenticator app rather than SMS.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next leak exposing you or your family is caught in hours instead of months.
- Cover the household with DoxxScan family protection, which includes dependents and children’s gaming accounts that often chain back to the same address or parent email.
- Let remediation specialists handle takedown requests for any personal records appearing on data broker sites that now hold information stolen from DentaQuest.
The DentaQuest breach is a reminder that healthcare-related data leaks continue to surface long after the initial incident. Taking concrete steps now limits how far criminals can travel down the identity chain that begins with this leak. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping, and hands-on remediation by specialists, with household coverage that explicitly protects children’s gaming accounts alongside adult family members.
Related breaches
Match Group (Tinder, Hinge, OkCupid) Data Breach — January 2026
ShinyHunters claimed responsibility for stealing over 10 million Match Group user records in early 2…
Crunchbase Massive Personal Records Leak — January 2026
ShinyHunters exfiltrated approximately 2 million records from the business-intelligence platform Cru…
149 Million Credential Mega-Exposure — January 2026
Security researchers discovered a publicly exposed 96 GB database with 149 million unique logins cov…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →