CF Medical Reports Data Breach Due to Incident at Financial Business and Consumer Solutions | Console and partner, PC

On September 26, 2024, CF Medical filed a complaint with the Maine Attorney General after discovering that Financial Business and Consumer Solutions, Inc. (“FBCS”) suffered a data breach involving confidential information provided to CF Medical. In this notice, CF Medical explains that the incident resulted in an unauthorized party gaining access to consumers' sensitive data. After completing the investigation, CF Medical began sending data breach notification letters to all individuals whose data was affected by the recent data security incident.

If you have received a data breach notification from CF Medical or Financial Business and Consumer Solutions, it is important that you understand what is at risk and what you can do about it. A data breach attorney can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft and discuss your legal options following the data breach at CF Medical / Financial Business and Consumer Solutions. For more information, see our recent article on this topic Here.

What caused the CF Medical/FBCS data breach?

The CF Medical/FBCS data breach was recently announced and further information is expected in the near future. However, CF Medical's filing with the Maine Attorney General provides some important information about what led to the breach.

According to this source, FBCS is a debt collection agency that previously provided certain services to CF Medical. On February 26, 2024, FBCS learned that an unauthorized person had gained access to parts of its IT network. In response, FBCS secured its systems and then hired third-party data security experts to assist in the company's investigation.

Through this investigation, FBCS was able to confirm that an unauthorized actor had access to its network, including files containing sensitive consumer information, between February 14, 2024 and February 26, 2024.

After learning that sensitive consumer data was accessible to unauthorized parties, CF Medical reviewed the compromised files to determine what information was leaked and which consumers were affected. FBCS recently completed this review process, and although the publicly available data breach letter does not mention what types of data were leaked, on September 26, 2024, CF Medical sent personalized data breach letters to everyone affected by the recent data security incident. These letters should provide victims with a list of information belonging to them that was compromised.

Further information about CF Medical

CF Medical is the trading name of Capio, a debt-buying company. Capio, based in Lawrenceville, Georgia, is the largest buyer of distressed health care accounts in the United States. Capio has more than 1,000 healthcare customers and has served 61 million patient accounts, returning $370 million to providers. Capio employs more than 298 people and generates annual sales of around $18 million.