ACCORDING to the US Department of Health and Human Services (HHS) data breach tracker, nearly 140,000 people were affected in a cyber incident at Vikor Scientific, which has since been rebranded as Vanta Diagnostics. The HHS listing specifies 139,964 individuals were impacted, with the breach first disclosed after the Everest ransomware group linked Vikor Scientific, KorPath, and Korgene to its leak site in November 2025.
The Everest group later published data it claimed to have stolen from the three entities, though Catalyst RCM, a provider of revenue cycle management services, stated that compromised credentials were used to access files stored by Catalyst’s system. Catalyst’s notification to affected individuals notes that the stolen files contained names, dates of birth, payment card details, medical information, and health insurance information.
SecurityWeek reports that the Everest group claimed to have exfiltrated roughly 12GB of documents from Vikor, Korgene, and KorPath. It remains unclear whether 139,964 is the total number affected or a higher figure, as Catalyst, KorPath, and Korgene have yet to share the final count with the HHS.