Strauss Borrelli PLLC, a leading data breach law firm, is investigating CF Medical, LLC, which does business as Capio, regarding its former vendor’s, Financial Business and Consumer Solutions, Inc.’s (“FBCS”), recent data breach. The CF Medical data breach may have involved sensitive personal identifiable information belonging to over 625,000 individuals.
ABOUT CF MEDICAL, LLC D/B/A CAPIO:
CF Medical is a debt purchasing company that goes by the trade name Capio. Founded in 2008, Capio purchases non-performing healthcare accounts after they are designated as bad debt, helping healthcare providers complete their revenue cycle and increase cash returns.2 With over 1,000 healthcare clients, Capio has served more than 60 million patient accounts, returning $370 million to providers.2 Headquartered in Lawrenceville, Georgia, Capio employs over 200 individuals.
WHAT HAPPENED?
Recently, CF Medical reported to the Attorney General of Maine that it’s former vendor, FBCS, had experienced a data breach in which the sensitive personal identifiable information belonging to CF Medical in its systems may have been accessed and acquired. According to the breach notice, on February 26, 2024, FBCS discovered unauthorized activity within certain systems in its network. As a result, FBCS launched an investigation to determine the nature of the incident.
Through its investigation, FBCS learned that sensitive personal information belonging to CF Medical in its systems may have been viewed and obtained by an unauthorized individual between February 14 and February 26, 2024. As a result, FBCS began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. In July 2024, FBCS completed this review. The exact type of personal information potentially exposed has not been made publicly available by CF Medical or FBCS. However, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license or state identification card number
- Account number, credit card number or debit card number, if circumstances exist wherein such a number could be used without additional identifying information, access codes or passwords
- Account passwords or personal identification numbers or other access codes
On September 26, 2024, CF Medical began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to Maine residents, CF Medical is providing affected individuals with a list of the specific type of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification letters that CF Medical filed with the Attorney General of Maine is below.
If you received a breach notification letter from CF Medical, LLC or Financial Business and Consumer Solutions, Inc.:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
