Strauss Borrelli PLLC, a leading data breach law firm, is investigating CPS Solutions, LLC (“CPS”) regarding its recent data breach. The CPS data breach may have involved sensitive personal information and protected health information belonging to an undetermined number of individuals.
ABOUT CPS SOLUTIONS, LLC:
CPS is a pharmacy solutions company based in Ohio. Founded in 1971, CPS has partnered with over 800 healthcare facilities across the country to implement optimized pharmacy best practices and innovative technology solutions.3 Today, CPS’ pharmacy services and solutions include specialty pharmacy solutions, pharmacy management, technology platforms, telepharmacy services, rehabilitation program solutions, consulting, 340B program, and supply chain management.4 Headquartered in Dublin, Ohio, CPS employs over 2,500 individuals.
WHAT HAPPENED?
Recently, CPS announced that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been accessed and acquired. According to the breach notice, on December 4, 2024, CPS discovered that an unauthorized third party gained access to one CPS employee’s O365 business email account.1 As a result, CPS launched an investigation to determine the nature of the incident.
Through its investigation, CPS confirmed that sensitive personal information in its systems may have been viewed and taken by an unauthorized third party through the employee’s email account between December 2 and December 4, 2024. As a result, CPS began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On January 24, 2025, CPS completed this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Address
- Date of birth
- Medical information (e.g., medical record number or patient account number, clinical information, provider information, diagnosis or treatment information, prescription information)
- Health insurance information (e.g., member/group ID number, Medicaid/Medicare number)
On February 10, 2025, CPS posted a notice of the incident on its website. Additionally, on the same date, CPS notified impacted individuals’ health care providers regarding the incident.1 Based on the website breach notice, CPS is providing affected individuals with a list of the specific types of sensitive information impacted and 24 months of complementary credit monitoring services. A link to the form breach notification that CPS posted to its website is below.
If you received a breach notification letter from CPS Solutions, LLC:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
