leaksear.ch has indexed a DentaQuest breach dataset containing 17,462 records tied to a May 1, 2026 breach date, with names and usernames available as search pivots (leaksear.ch metadata). DentaQuest is a U.S. dental benefits administrator, and public reporting says a broader May 2026 ShinyHunters leak involved 2.6 million accounts and hundreds of gigabytes of allegedly stolen data (haveibeenpwned.com, www.bleepingcomputer.com).
What happened
Public reporting describes the DentaQuest incident as an extortion-driven leak. Have I Been Pwned says DentaQuest was targeted in May 2026 by a ShinyHunters "pay or leak" campaign that resulted in hundreds of gigabytes of data allegedly obtained from the company being published, while BleepingComputer reported that ShinyHunters claimed more than 234 GB of stolen data and leaked it after a reported failure to reach an agreement (haveibeenpwned.com, www.bleepingcomputer.com).
DentaQuest's own security update confirms unauthorized access to a limited portion of its network. The company said it secured the network, completed a comprehensive assessment with independent cybersecurity experts, continued working with forensic data analysts to determine what information may have been compromised, and was making regulatory filings (www.dentaquest.com).
Security Affairs also reported that DentaQuest was listed on the ShinyHunters leak site in May and that the group published a 234 GB archive allegedly stolen from the company. DentaQuest has not publicly provided technical details about the initial intrusion vector in the sources reviewed for this article (securityaffairs.com).
What data was exposed
In the leaksear.ch index, the searchable fields for this DentaQuest source are name and username. The indexed records also include document context fields, including document date, document type, file extension, filename, record ID, and source path, but those fields are stored as record context and are not direct search pivots (leaksear.ch metadata).
For the broader public DentaQuest breach listing, Have I Been Pwned identifies exposed data types including dates of birth, email addresses, genders, government-issued IDs, health insurance information, names, phone numbers, and physical addresses. HIBP also says much of the data appeared in healthcare enrollment files, with some records containing Medicaid IDs (haveibeenpwned.com).
Why this matters
Names and usernames in the indexed dataset can help attackers personalize phishing, account recovery attempts, or impersonation messages. When combined with the broader DentaQuest exposure reported by HIBP and others, including contact details, government ID data, and health insurance information, the risk extends to targeted scams, insurance fraud attempts, and identity verification abuse (haveibeenpwned.com, www.bleepingcomputer.com). DentaQuest has specifically warned members to remain vigilant against targeted scams and said it will not demand payment, passwords, or sensitive health information via text message, social media, or email (www.dentaquest.com). To check whether your data appears in this leak, search leaksear.ch using your name or username (leaksear.ch metadata).
Check your exposure
Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include name and username.