Posted On February 16, 2023 Consumer Privacy & Data Breaches
February 16, 2023 – Reventics filed a notice of data breach with the Attorney General of Montana on February 10, 2023, after an unauthorized party had gained access to confidential consumer information. According to the filing, the information that was compromised was consumers’ names, dates of birth, Social Security numbers, protected health information, and financial information. Once confirmed that there was a consumer data leak, Reventics sent notification letters to all individuals affected by the data security breach.
The data breach lawyers at Console & Associates, P.C. are actively investigating the Reventics data breach. If you have received a breach notification and are interested in learning about what you can do to protect yourself in the future, we are offering free consultations where we can discuss your legal options for receiving financial compensation from Reventics.
Reventics is a software company that identifies issues with clinical documentation and quality improvement, coding and auditing, and revenue cycle management. Originally founded in 2016 in Greenwood Village, Colorado, Reventics now employs over 72 people and generates approximately $20 million in revenue annually.
According to a filing with the Attorney General of Montana’s office and a notice posted to the company’s website, Reventics determined that, on December 15, 2022, a hacker infiltrated the company’s computer system. As a result, the company launched an investigation with the help of cybersecurity and forensic specialists to look into the incident and determine what, if any, information had been compromised.
The investigation was concluded, and Reventics confirmed that confidential consumer information had fallen into the hands of a hacker. Though varying by individual, the information accessed was consumers’ names, dates of birth, Social Security numbers, protected health information, and financial information.
On February 10, 2023, Reventics sent data breach notification letters to all individuals whose information was leaked during the attack.
If you receive a notice of a data breach from Reventics, it means your personal information was included in the data breach. Full names, Social Security numbers, and protected health information may now be in the hands of an unknown party.
As a data breach victim, you might wonder what a hacker can do with the information obtained. Social Security numbers are often used to commit identity theft by those that stole the information. Combined with protected health information, a criminal may seek free healthcare using a victim’s identity. They may also sell the information on the dark web for others to use. That can leave a victim stuck with medical bills that don’t belong to them or a medical history that’s been compromised by a criminal using their identity.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Reventics data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a portion of the notice posted on their website:
Reventics is hereby notifying of a recent event that may impact the privacy of personal information for certain individuals.
On or about December 15, 2022, Reventics detected a cyber-intruder who potentially accessed information on Reventics servers. Reventics takes the security of personal information very seriously. Upon learning of the incident, Reventics immediately engaged an international cybersecurity and forensic consulting firm to assess the nature and scope of the cyber-attack and contain any further threats to its systems and the information on the systems. On December 27, 2022, the cybersecurity and forensic consulting firm confirmed that the cyber-intruder accessed and exfiltrated certain personally identifiable information (“Pll”) and Protected Health Information (“PHI”) protected under HIPAA and state privacy laws. This information included first and last name, date of birth, social security number, financial information, healthcare provider’s name and address, health plan name, clinical data, the numeric codes used to identify services and procedures patients received from healthcare providers, and a brief description of these codes.
In the aftermath of the incident and on an ongoing basis, Reventics internal teams continue to work diligently with their third-party cybersecurity consultants to further fortify Reventics systems. Reventics was able to quickly contain the cyber-intruder and continue operations uninterrupted. In response to this event, Reventics implemented new technical safeguards, including, without limitation, adopting new encryption controls, performed a new/updated security risk analysis, is providing individuals with free credit and identity monitoring, revised its policies and procedures, and retrained workforce members.
Reventics is mailing letters to potentially affected individuals on behalf of certain customers, and is notifying individuals via its website here. Individuals seeking additional information regarding this incident can call Reventics toll-free assistance line at (833) 753-4765 during the hours of 9 am – 9 pm Eastern Time, Monday through Friday, except holidays. Additional steps individuals can take to help protect themselves can be found on the Federal Trade Commission or state Attorney General websites. Reventics is committed to safeguarding customer data and will continue to work to enhance the protections in place to secure the information in its care.
