Subscribe To Our Newsletter

This field is for validation purposes and should be left unchanged.

Exact Sciences Data Breach

Exact Sciences may have experienced a cybersecurity incident after ransomware group ShinyHunters allegedly claimed responsibility for an attack reported on July 15, 2026.

Exact Sciences
Date of Breach: July 15, 2026
CAU logo

Who was affected:

Clients of Exact Sciences

Impacted Data:

Patient information

Protected health information

Personal identifying information

Employee information

Internal company records

Other sensitive data

Exact Sciences, a diagnostic screening test provider known for at-home cancer screening products, may have experienced a cybersecurity incident that could have exposed sensitive company or consumer information. According to reports, ransomware group ShinyHunters has claimed responsibility for an alleged cyberattack involving Exact Sciences. The incident has not been confirmed by Exact Sciences at this time.

Exact Sciences, the company behind screening products including Cologuard and Cancerguard, was acquired by Abbott Laboratories in March 2026. The potential breach raises concerns regarding the protection of sensitive healthcare-related information maintained by the company.

Exact Sciences Data Breach Investigation

Reports have emerged indicating that Exact Sciences may have suffered a data security incident involving a possible ransomware attack. According to a July 15, 2026 post on cybersecurity blog HookPhish, ransomware group ShinyHunters allegedly claimed responsibility for the suspected cyberattack.

HookPhish reportedly estimated that the alleged attack occurred on the same day the claim was published. However, Exact Sciences has not publicly confirmed that a breach occurred, and there is currently no verified information regarding whether company systems were accessed or what information may have been compromised.

At the time of reporting, details regarding the scope and nature of the alleged Exact Sciences data breach remain limited. It is currently unclear whether the incident involved patient information, employee data, internal company files, healthcare-related records, or other sensitive information.

Exact Sciences provides diagnostic screening services used by individuals nationwide, including at-home cancer screening tests. Because healthcare and diagnostic companies often maintain sensitive personal and medical information, a cybersecurity incident involving such an organization could create risks for individuals whose information may be stored within company systems.

Healthcare-related data breaches can have serious consequences because exposed information may potentially be used for identity theft, medical identity theft, insurance fraud, phishing attempts, or other forms of misuse.

Individuals affiliated with Exact Sciences should monitor for future updates from the company and take precautionary steps to protect their personal information.

When Did This Breach Occur?

According to the available report from HookPhish, the suspected Exact Sciences cyberattack is estimated to have occurred on July 15, 2026, the same day the alleged incident was reported.

At this time, Exact Sciences has not confirmed the incident, and additional details regarding the date of unauthorized access, discovery of the event, or company response have not been publicly disclosed.

What Information Was Breached?

The specific information potentially involved in the alleged Exact Sciences data breach has not been publicly disclosed.

At this time, it remains unclear whether the incident involved:

  • Patient information
  • Protected health information
  • Personal identifying information
  • Employee information
  • Internal company records
  • Other sensitive data

If Exact Sciences confirms the incident or provides notice to affected individuals, additional details may become available regarding the types of information involved.

What You Can Do

If you are affiliated with Exact Sciences and believe your information may have been affected, consider taking the following steps:

  • Monitor your accounts: Review financial accounts, insurance activity, and healthcare records for suspicious activity.
  • Review medical information: Check medical bills, insurance statements, and healthcare records for unfamiliar services or claims.
  • Review credit reports: Look for unfamiliar accounts, inquiries, or changes that may indicate identity theft.
  • Be alert for phishing attempts: Cybercriminals may use healthcare-related information to create convincing emails, calls, or messages.
  • Update account security: Use strong passwords and enable multi-factor authentication where available.
  • Save company communications: Keep any notices, emails, or letters received from Exact Sciences regarding the incident.
  • Document suspicious activity: Maintain records of unusual activity, expenses, or time spent responding to potential misuse.

If you are a current or former Exact Sciences customer, patient, employee, or otherwise affiliated with the company and believe your information may have been exposed, understanding your legal rights may help determine your next steps.

File a Data Breach Lawsuit Against Exact Sciences

Companies that collect, store, and manage sensitive healthcare and personal information have a responsibility to implement reasonable cybersecurity measures to protect that information from unauthorized access. When a cybersecurity incident occurs, affected individuals may face privacy concerns, medical identity theft risks, and costs associated with monitoring and protecting their information.

If your information was exposed in the Exact Sciences data breach, you may have legal options. A class action lawsuit may allow affected individuals to seek compensation for losses related to privacy violations, time spent responding to the breach, identity protection expenses, and other damages connected to the incident.

By joining together with others affected by the same cybersecurity event, individuals may be able to hold organizations accountable and encourage stronger data protection practices.

Contact Class Action U to connect with experienced data breach lawyers. If you received a notice or believe your information may have been affected, fill out our secure form to learn more. There is no cost and no obligation to speak with a legal partner.

Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
Date of Breach: July 14, 2026
Date of Breach: Not Specified
Date of Breach: July 13, 2026
Related News

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.