Conifer Health Solutions

Conifer Revenue Cycle Solutions, LLC (“we” or “Conifer”), a provider of revenue cycle management and other administrative services to healthcare providers, suffered a cybersecurity incident that affected its users' personal information.

An unauthorized third party gained access to a Microsoft Office 365-hosted business email account and compromised certain information.

The exposed information involved information to identify the individual (such as full name, date of birth, and address); (2) Social Security number, driver’s license/state ID number, and/or financial account information; (3) medical and/or treatment information (such as medical record number, dates of service, provider and facility, diagnosis or symptom information, and prescription/medication); (4) health insurance information (such as payor name and subscriber/Medicare/Medicaid number); and (5) billing and claims information.

However, upon revelation, the email account was separate from Conifer’s internal network and systems, and those who were affected were notified.

Source: https://response.idx.us/crcs-information-texas/

"id": "CON23171122",
"linkid": "conifer-health-solutions",
"type": "Breach",
"date": "08/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"