Lucent Health Solutions, LLC Data Breach

NOTICE: If you received a NOTICE OF DATA BREACH letter from Lucent Health Solutions, LLC, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.

On January 30, 2025, Lucent Health Solutions, LLC (“Lucent Health”) reported a significant cybersecurity incident to the Offices of the Attorney General in Texas and California. Lucent Health’s notice disclosed that, due to a phishing attack on October 2, 2023, an unauthorized party had accessed consumers’ private and sensitive personal information stored in its system (the “Data Breach”). 

Recently, Lucent Health began sending data breach notification letters to those affected by the Data Breach. Each notification letter includes complimentary access to credit monitoring and identity restoration services provided by IDX. 

As the announcement was made only recently, Lucent Health has not yet disclosed additional details. If you received a data breach notification letter from Lucent Health, it indicates that you were affected by the Data Breach. 

Lucent Health Solutions is a healthcare management company specializing in self-funded health plans and cost-containment strategies for employers. Headquartered in Nashville, Tennessee, Lucent Health provides health plan administration, analytics, and personalized care management solutions aimed at helping businesses control healthcare costs while improving employee well-being. Lucent Health employs approximately 400 people and generates an estimated $315 million in annual revenue.

WHAT INFORMATION IS INVOLVED IN THE LUCENT HEALTH SOLUTIONS, LLC DATA BREACH?

The type of compromised information varied among individuals and potentially included:

  • Full names,
  • Social Security numbers, 
  • Dates of birth,
  • Health, dental, and vision group and/or plan numbers. 

This information is called your Personally Identifiable Information (“PII”). It tells others about you and is considered part of your identity. Businesses are required to secure this information or risk facing statutory penalties, among other legal penalties. Stolen PII can be used by identity thieves to engage in fraudulent activity using your identity. 

Personal medical information (a specific type of PII) is referred to as Protected Health Information (“PHI”). It is protected under both state and federal law. Healthcare providers and other businesses who handle PHI are required to protect that information. Like stolen PII, stolen PHI can be used by identity thieves to engage in fraudulent activity using your identity. Quite often, PII and PHI are used in conjunction by hackers.

The best way to protect yourself after a data breach is to sign up for credit and identity protection services as soon as possible. 

California offers extra protections and legal rights to its residents through the California Consumer Privacy Act (“CCPA”).

NOTICE: If you received a NOTICE OF DATA BREACH letter from Lucent Health Solutions, LLC, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options, or submit a confidential Case Evaluation form here.