**Conifer Value-Based Care Reports Email Breach Exposing Pediatric Patient Data**
On August 28, 2025, Conifer Value-Based Care, LLC—a subsidiary of Conifer Health Solutions providing administrative services to healthcare providers and plans—detected unauthorized access to an employee’s Microsoft Office 365-hosted business email account. The breach, which also occurred on August 29, exposed personally identifiable information (PII) and protected health information (PHI) of pediatric patients, their parents, and guarantors.
The compromised data included names, dates of birth, medical details, and health insurance information, though the exact scope varied by individual. Notably, the breach was isolated to the email account and did not affect Conifer’s internal networks or systems.
Conifer contained the threat immediately and launched an investigation, concluding on November 10, 2025, with affected providers and health plans notified by November 14. Address verification for impacted individuals was finalized by December 5, and the breach was officially disclosed to the California Attorney General on December 18, 2025. A Notice of Data Breach was also posted on Conifer’s website.
In response, the company enhanced security controls and monitoring to prevent future incidents and collaborated with providers to notify affected parties. While no evidence suggests misuse of the exposed data, the breach underscores risks to sensitive healthcare information.
Source: https://www.claimdepot.com/data-breach/conifer-health-solutions-2025
Conifer Health Solutions cybersecurity rating report: https://www.rankiteo.com/company/conifer-health-solutions
Conifer Health Solutions cybersecurity rating report: https://www.rankiteo.com/company/conifer-health-solutions
"id": "CONCON1766160151",
"linkid": "conifer-health-solutions, conifer-health-solutions",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Pediatric patients, their '
'parents, and guarantors',
'industry': 'Healthcare',
'name': 'Conifer Value-Based Care, LLC',
'type': 'Healthcare Administrative Services'}],
'attack_vector': 'Business Email Compromise (BEC)',
'customer_advisories': 'Notification to potentially affected individuals '
'(completed by 2025-12-05); support hotline provided '
'(1-833-781-8318)',
'data_breach': {'personally_identifiable_information': ['Name',
'Date of Birth',
'Medical Information',
'Health Insurance '
'Details'],
'sensitivity_of_data': 'High (medical and health insurance '
'details)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)']},
'date_detected': '2025-08-28',
'date_publicly_disclosed': '2025-12-18',
'date_resolved': '2025-12-05',
'description': 'Conifer Value-Based Care, LLC discovered that an unauthorized '
'third party had gained access to an employee’s Microsoft '
'Office 365-hosted business email account, exposing personally '
'identifiable information (PII) and protected health '
'information of pediatric patients, their parents, and '
'guarantors.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive health data',
'data_compromised': 'Personally identifiable information (PII) and '
'protected health information (PHI)',
'identity_theft_risk': 'High (exposure of PII and PHI)',
'operational_impact': 'Investigation and notification processes '
'initiated',
'systems_affected': 'Microsoft Office 365-hosted business email '
'account'},
'initial_access_broker': {'entry_point': 'Microsoft Office 365-hosted '
'business email account'},
'investigation_status': 'Completed (2025-11-10)',
'lessons_learned': 'Importance of securing business email accounts and '
'enhancing monitoring practices to prevent unauthorized '
'access.',
'post_incident_analysis': {'corrective_actions': 'Enhanced security controls '
'and monitoring practices',
'root_causes': 'Unauthorized access to an '
'employee’s business email account'},
'recommendations': ['Sign up for free IDX identity theft protection services',
'Monitor credit reports and financial accounts for '
'unusual activity',
'Be alert for phishing emails or phone calls',
'Consider placing a fraud alert or credit freeze with '
'major credit bureaus'],
'references': [{'source': 'Conifer Value-Based Care Notice of Data Breach'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA (potential)'],
'regulatory_notifications': ['California Attorney '
'General '
'(2025-12-18)']},
'response': {'communication_strategy': 'Notification to affected providers, '
'health plans, and individuals; '
'posting of Notice of Data Breach on '
'dedicated website',
'containment_measures': 'Immediate containment of the threat',
'enhanced_monitoring': 'Yes',
'incident_response_plan_activated': 'Yes',
'recovery_measures': 'Completion of investigation and '
'notification process',
'remediation_measures': 'Enhanced security controls and '
'monitoring practices'},
'stakeholder_advisories': 'Notification to affected providers and health '
'plans (2025-11-14)',
'title': 'Conifer Value-Based Care Business Email Compromise and Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized access to Microsoft Office 365 email '
'account'}