CF Medical recently reported that its former vendor, FBCS, experienced a data breach involving sensitive personal information. Unauthorized activity within FBCS’s systems was discovered on February 26, 2024, prompting an investigation. The breach was found to have occurred between February 14 and February 26, 2024, during which time an unauthorized individual may have accessed CF Medical’s data stored in FBCS’s systems. While the specific types of personal information affected have not been disclosed, the breach potentially involved names, Social Security numbers, driver’s license numbers, and financial account details.
Following the discovery, FBCS initiated a review to identify the individuals impacted and determine the extent of the exposure. This process concluded in July 2024. On September 26, 2024, CF Medical began notifying affected individuals through mailed letters. As part of its response, the company is providing complimentary credit monitoring services to mitigate the risks associated with the breach. State reporting guidelines suggest that personal information potentially exposed includes account passwords and access codes, though CF Medical has not confirmed exact details.
CF Medical operates under the trade name Capio and specializes in purchasing non-performing healthcare accounts classified as bad debt. Founded in 2008, Capio helps healthcare providers recover revenue, having returned $370 million to over 1,000 clients across 60 million patient accounts. Headquartered in Lawrenceville, Georgia, the company employs over 200 staff members and plays a significant role in supporting the financial health of healthcare providers.
The incident underscores the vulnerabilities organizations face when third-party vendors handle sensitive data. CF Medical’s proactive measures, including offering credit monitoring services and providing transparency about the breach, aim to protect affected individuals and maintain trust. This case highlights the importance of stringent data security protocols, particularly for businesses in healthcare and financial services.
Reference:
