Industry - Data Breach
Executive Summary
Dental benefits administrator DentaQuest suffered a data breach exposing sensitive information of 2.6 million accounts, including email addresses, full names, phone numbers, government-issued IDs, health insurance information, and dates of birth. The extortion group ShinyHunters publicly leaked over 234 GB of stolen data after failing to reach an agreement with the company. Affected individuals face increased risk of phishing and social engineering attacks due to the comprehensive nature of t...
What Happened
DentaQuest, a dental benefits administrator owned by Sun Life, experienced a data breach affecting 2.6 million accounts. The extortion group ShinyHunters claimed responsibility for stealing over 234 GB of data and publicly leaked it after negotiations with the company failed. DentaQuest confirmed the breach on June 2, 2026, stating that unauthorized actors accessed a limited portion of their network, and the company engaged external cybersecurity experts to investigate the incident.
Who Is Affected
Approximately 2.6 million individuals whose data was stored by DentaQuest are affected, representing a portion of the company's 35 million customers across all 50 U.S. states. The exposed information includes email addresses, full names, phone numbers, government-issued IDs, health insurance details, genders, and dates of birth. According to Have I Been Pwned, about 66% of the exposed records were already present in its database from previous breaches at other organizations.
Why It Matters
This breach is significant because it exposed highly sensitive personal and health-related information that can be exploited for identity theft, insurance fraud, and targeted phishing campaigns. DentaQuest manages dental benefits for vulnerable populations including Medicaid and Medicare beneficiaries, making the affected individuals potentially more susceptible to exploitation. The public leak by an extortion group demonstrates the ongoing threat of ransomware actors publishing stolen data when payment demands are not met.
What You Should Do
If you are or were a DentaQuest customer, monitor all incoming emails, phone calls, and text messages for phishing attempts that reference your personal or health information. Check your health insurance accounts and credit reports for unauthorized activity or new accounts opened in your name. Consider placing a fraud alert or credit freeze with major credit bureaus, and be especially cautious of communications claiming to be from health insurance providers or government agencies requesting personal information.
Summary generated from verified sources and reviewed before publication. How we summarize.