MCBS LLC: MCBS Data Breach Compromises PII and PHI Data

MCBS LLC: MCBS Data Breach Compromises PII and PHI Data

MCBS LLC Discloses Data Breach Affecting Healthcare Patients

MCBS LLC, a Georgia-based medical billing and business services provider founded in 1981, has reported a data breach involving unauthorized access to its network. The company, which serves small and medium-sized healthcare practices with billing, coding, and administrative support, disclosed the incident to the California Attorney General on June 26, 2026, and posted a notice on its website.

The breach was first detected on September 25, 2025, prompting an investigation with external cybersecurity experts. A forensic review later revealed that unauthorized access occurred over a four-day period (September 22–26, 2025), during which files containing sensitive personal and health information may have been compromised.

Since MCBS operates as a third-party vendor for healthcare providers, the affected individuals are patients of its client practices. The exposed data includes personally identifiable information (PII) and protected health information (PHI), such as names, dates of birth, addresses, Social Security numbers, medical histories, treatment details, and health insurance information.

In response, MCBS is notifying impacted individuals on behalf of its healthcare clients and offering complimentary identity protection services through a third-party provider. The company has also set up a dedicated toll-free response line to assist affected individuals with questions and protective measures. Notification letters include details on enrollment, fraud alerts, credit freezes, and credit report access.

Source: https://www.claimdepot.com/data-breach/mcbs-llc-2026

Mcbs Llc cybersecurity rating report: https://www.rankiteo.com/company/mcbs-llc

"id": "MCB1782752095",
"linkid": "mcbs-llc",
"type": "Breach",
"date": "9/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Patients of client healthcare '
                                              'practices',
                        'industry': 'Healthcare',
                        'location': 'Georgia, USA',
                        'name': 'MCBS LLC',
                        'size': 'Small/Medium',
                        'type': 'Medical Billing and Business Services '
                                'Provider'}],
 'attack_vector': 'Unauthorized Access',
 'customer_advisories': 'Notification letters with enrollment details for '
                        'identity protection services, fraud alerts, credit '
                        'freezes, and credit report access',
 'data_breach': {'personally_identifiable_information': ['Names',
                                                         'Dates of birth',
                                                         'Addresses',
                                                         'Social Security '
                                                         'numbers',
                                                         'Medical histories',
                                                         'Treatment details',
                                                         'Health insurance '
                                                         'information'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)',
                                              'Protected Health Information '
                                              '(PHI)']},
 'date_detected': '2025-09-25',
 'date_publicly_disclosed': '2026-06-26',
 'description': 'MCBS LLC, a Georgia-based medical billing and business '
                'services provider, reported a data breach involving '
                'unauthorized access to its network. The breach exposed '
                'personally identifiable information (PII) and protected '
                'health information (PHI) of patients from its healthcare '
                'clients.',
 'impact': {'data_compromised': 'Personally identifiable information (PII) and '
                                'protected health information (PHI)',
            'identity_theft_risk': 'High',
            'systems_affected': 'Network'},
 'investigation_status': 'Completed',
 'references': [{'source': 'MCBS LLC Website'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Attorney '
                                                        'General']},
 'response': {'communication_strategy': 'Notification letters, dedicated '
                                        'toll-free response line',
              'incident_response_plan_activated': 'Yes',
              'third_party_assistance': 'External cybersecurity experts, '
                                        'identity protection services'},
 'title': 'MCBS LLC Discloses Data Breach Affecting Healthcare Patients',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.