Call Us

CF Medical / FCBS Data Breach

Posted on behalf of Arnold Law Firm on October 3, 2024 in Data Breach
Updated on October 8, 2024

NOTICE: If you received a NOTICE OF DATA BREACH letter from CF Medical/Financial Business and Consumer Solutions Data Breach, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.

On September 26, 2024, CF Medical (“CF”), doing business as Capio, filed a notice with the Offices of the Attorney General in Maine after it discovered that a data breach at Financial Business and Consumer Solutions, Inc. (“FBCS”), a former vendor for CF, had exposed sensitive information belonging to CF. CF disclosed that on February 26, 2024, FCBS discovered unauthorized activity on its computer network. A subsequent investigation, which concluded in July 2024, confirmed that between February 14 and February 26, 2024, an unauthorized party accessed and exfiltrated sensitive and confidential patients’ data, likely including Personally Identifiable Information (“PII”) and Protected Health Information (“PHI”), collectively Personal Information (“PI”).

On September 26, 2024, CF began mailing notification letters to affected individuals. In the notification, CF has offered victims of the Data Breach complimentary access to credit monitoring and identity theft protection services.

According to CF’s report to the Attorney General of Maine, approximately 626,396 individuals were impacted by the Data Breach. As the announcement was made only recently CF has not yet disclosed additional details. If you received a data breach notification letter from CF, it indicates that you were affected by the Data Breach.

CF, also known as Capio, is a company that purchases in debt healthcare accounts to collect on. Based in Lawrenceville, GA, it is the largest purchaser of in debt healthcare accounts in the United States, and it employs approximately 300 people and generates around $18 million in annual revenue.

WHAT INFORMATION IS INVOLVED?

So far CF has failed to disclose what information has been stolen, but according to reporting guidelines, PI can include

  • Names,
  • Social Security Numbers
  • Driver’s License or state ID numbers
  • Account, credit card, or debit card numbers
  • Account passwords or, personal ID numbers, or other access codes

This information makes up your PII and it tells others about you and is considered part of your identity. Businesses are required to secure this information or risk facing statutory penalties, among other legal penalties. Stolen PII can be used by identity thieves to engage in fraudulent activity using your identity.

The best way to protect yourself after a data breach is to sign up for credit and identity protection services as soon as possible.

NOTICE: If you received a NOTICE OF DATA BREACH letter from CF Medical/Financial Business and Consumer Solutions, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options or submit a confidential Case Evaluation form here.