540 members impacted by a cyberattack that targeted a contracted vendor of the health plan
CAMARILLO, Calif., Dec. 2, 2025 /PRNewswire/ -- Gold Coast Health Plan (GCHP) recently discovered that one of its contracted business partners suffered a cyberattack that resulted in the potential disclosure of member information to an unauthorized third party.
Conduent Business Solutions, a longtime administrative services vendor for GCHP, reported that the cyberattack compromised a single employee's email account, permitting the attacker to gain access to some files between Oct. 21, 2024, and Jan. 13, 2025. Upon discovery of the incident on Jan. 13, 2025, Conduent immediately safeguarded its systems and started an investigation. Conduent notified law enforcement of the incident and engaged a leading cybersecurity firm to assess the potential disclosure of protected health information.
The months-long forensic investigation determined recently that the compromised system potentially exposed the information of 540 GCHP members. The information included member names, health plan identification numbers, dates of medical services, costs of services, and claim numbers. Social security numbers and financial information were neither accessed nor disclosed. GCHP is not aware of any misuse or attempted misuse of the information.
"We deeply regret that the private information of some our members was possibly exposed during this cyberattack," said Robert Franco, GCHP's chief compliance offi
Health Care Foundation For Ventura County cybersecurity rating report: https://www.rankiteo.com/company/health-care-foundation-for-ventura-county
"id": "HEA1764729457",
"linkid": "health-care-foundation-for-ventura-county",
"type": "Cyber Attack",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'incident': {'affected_entities': [{'customers_affected': '540 members',
'industry': 'Healthcare',
'location': 'Camarillo, California, USA',
'name': 'Gold Coast Health Plan (GCHP)',
'size': None,
'type': 'Health Plan'},
{'customers_affected': None,
'industry': 'Business Services',
'location': None,
'name': 'Conduent Business Solutions',
'size': None,
'type': 'Administrative Services Vendor'}],
'attack_vector': 'Compromised Email Account',
'customer_advisories': 'Members notified of potential exposure',
'data_breach': {'data_encryption': None,
'data_exfiltration': None,
'file_types_exposed': None,
'number_of_records_exposed': '540',
'personally_identifiable_information': 'Names, '
'health '
'plan '
'IDs, '
'medical '
'service '
'dates, '
'costs, '
'claim '
'numbers',
'sensitivity_of_data': 'High (health-related '
'PII)',
'type_of_data_compromised': 'Protected Health '
'Information (PHI)'},
'date_detected': '2025-01-13',
'date_publicly_disclosed': '2025-12-02',
'description': 'Gold Coast Health Plan (GCHP) discovered that '
'one of its contracted business partners, '
'Conduent Business Solutions, suffered a '
'cyberattack resulting in the potential '
'disclosure of member information to an '
'unauthorized third party. The attack compromised '
"a single employee's email account, allowing the "
'attacker to access files containing member data.',
'impact': {'brand_reputation_impact': 'Potential reputational '
'damage due to exposure of '
'member data',
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Member names, health plan '
'identification numbers, dates of '
'medical services, costs of '
'services, and claim numbers',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'Moderate (PII exposed but no '
'SSNs or financial data)',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': 'None',
'revenue_loss': None,
'systems_affected': 'Email account, file storage'},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': None,
'entry_point': 'Compromised employee '
'email account',
'high_value_targets': None,
'reconnaissance_period': '2024-10-21 '
'to '
'2025-01-13'},
'investigation_status': 'Completed (forensic investigation)',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': 'Compromised vendor '
'email account'},
'ransomware': {'data_encryption': None,
'data_exfiltration': None,
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'references': [{'date_accessed': '2025-12-02',
'source': 'PRNewswire',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': 'Potential '
'HIPAA '
'violation',
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Public disclosure via '
'press release',
'containment_measures': 'Secured systems '
'immediately upon discovery',
'enhanced_monitoring': None,
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': 'Leading cybersecurity '
'firm'},
'title': 'Gold Coast Health Plan Vendor Cyberattack',
'type': 'Data Breach'}}