Strauss Borrelli PLLC, a leading data breach law firm, is investigating Ciox Health LLC, which does business as Datavant Group, regarding its recent data breach. The Datavant data breach may have involved sensitive personal information and protected health information belonging to over 10,000 individuals.
ABOUT CIOX HEALTH LLC D/B/A DATAVANT GROUP:
Datavant is a healthcare data technology company based in Arizona. Today, Datavant offers a proprietary platform and network that delivers critical solutions across the healthcare ecosystem.3 Through this platform, Datavant enables more than 60 million healthcare records to move between thousands of organizations, more than 70,000 hospitals and clinics, 70% of the 100 largest health systems, and an ecosystem of 500+ real-world data partners.3 Headquartered in Pheonix, Arizona, Datavant employs over 5,000 individuals.
WHAT HAPPENED?
Recently, Datavant reported to the Attorney General of Maine that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on May 9, 2024, Datavant determined that a limited number of email users were the subject of a phishing email attack.1 As a result, Datavant launched an investigation to determine the nature of the incident.
Through its investigation, Datavant confirmed that sensitive personal information in its systems may have been viewed and obtained by an unauthorized third party between May 8 and May 9, 2024. As a result, Datavant began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. In early October 2024, Datavant completed this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Driver’s license number
- Passport number
- Financial account information
- Health information
- Account credentials
- Digital signatures
On December 6, 2024, Datavant began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to Maine residents, Datavant is providing affected individuals with a list of the specific types of sensitive information impacted and 24 months of complimentary credit monitoring services. A link to the form breach notification letters that Datavant filed with the Attorney General of Maine is below.
If you received a breach notification letter from Ciox Health, LLC d/b/a Datavant Group:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
