Exact Sciences, a diagnostic screening test provider known for at-home cancer screening products, may have experienced a cybersecurity incident that could have exposed sensitive company or consumer information. According to reports, ransomware group ShinyHunters has claimed responsibility for an alleged cyberattack involving Exact Sciences. The incident has not been confirmed by Exact Sciences at this time.
Exact Sciences, the company behind screening products including Cologuard and Cancerguard, was acquired by Abbott Laboratories in March 2026. The potential breach raises concerns regarding the protection of sensitive healthcare-related information maintained by the company.
Exact Sciences Data Breach Investigation
Reports have emerged indicating that Exact Sciences may have suffered a data security incident involving a possible ransomware attack. According to a July 15, 2026 post on cybersecurity blog HookPhish, ransomware group ShinyHunters allegedly claimed responsibility for the suspected cyberattack.
HookPhish reportedly estimated that the alleged attack occurred on the same day the claim was published. However, Exact Sciences has not publicly confirmed that a breach occurred, and there is currently no verified information regarding whether company systems were accessed or what information may have been compromised.
At the time of reporting, details regarding the scope and nature of the alleged Exact Sciences data breach remain limited. It is currently unclear whether the incident involved patient information, employee data, internal company files, healthcare-related records, or other sensitive information.
Exact Sciences provides diagnostic screening services used by individuals nationwide, including at-home cancer screening tests. Because healthcare and diagnostic companies often maintain sensitive personal and medical information, a cybersecurity incident involving such an organization could create risks for individuals whose information may be stored within company systems.
Healthcare-related data breaches can have serious consequences because exposed information may potentially be used for identity theft, medical identity theft, insurance fraud, phishing attempts, or other forms of misuse.
Individuals affiliated with Exact Sciences should monitor for future updates from the company and take precautionary steps to protect their personal information.
When Did This Breach Occur?
According to the available report from HookPhish, the suspected Exact Sciences cyberattack is estimated to have occurred on July 15, 2026, the same day the alleged incident was reported.
At this time, Exact Sciences has not confirmed the incident, and additional details regarding the date of unauthorized access, discovery of the event, or company response have not been publicly disclosed.
What Information Was Breached?
The specific information potentially involved in the alleged Exact Sciences data breach has not been publicly disclosed.
At this time, it remains unclear whether the incident involved:
- Patient information
- Protected health information
- Personal identifying information
- Employee information
- Internal company records
- Other sensitive data
If Exact Sciences confirms the incident or provides notice to affected individuals, additional details may become available regarding the types of information involved.
What You Can Do
If you are affiliated with Exact Sciences and believe your information may have been affected, consider taking the following steps:
- Monitor your accounts: Review financial accounts, insurance activity, and healthcare records for suspicious activity.
- Review medical information: Check medical bills, insurance statements, and healthcare records for unfamiliar services or claims.
- Review credit reports: Look for unfamiliar accounts, inquiries, or changes that may indicate identity theft.
- Be alert for phishing attempts: Cybercriminals may use healthcare-related information to create convincing emails, calls, or messages.
- Update account security: Use strong passwords and enable multi-factor authentication where available.
- Save company communications: Keep any notices, emails, or letters received from Exact Sciences regarding the incident.
- Document suspicious activity: Maintain records of unusual activity, expenses, or time spent responding to potential misuse.
If you are a current or former Exact Sciences customer, patient, employee, or otherwise affiliated with the company and believe your information may have been exposed, understanding your legal rights may help determine your next steps.
File a Data Breach Lawsuit Against Exact Sciences
Companies that collect, store, and manage sensitive healthcare and personal information have a responsibility to implement reasonable cybersecurity measures to protect that information from unauthorized access. When a cybersecurity incident occurs, affected individuals may face privacy concerns, medical identity theft risks, and costs associated with monitoring and protecting their information.
If your information was exposed in the Exact Sciences data breach, you may have legal options. A class action lawsuit may allow affected individuals to seek compensation for losses related to privacy violations, time spent responding to the breach, identity protection expenses, and other damages connected to the incident.
By joining together with others affected by the same cybersecurity event, individuals may be able to hold organizations accountable and encourage stronger data protection practices.
Contact Class Action U to connect with experienced data breach lawyers. If you received a notice or believe your information may have been affected, fill out our secure form to learn more. There is no cost and no obligation to speak with a legal partner.