Home
>
Data Breach>Cierant

Cierant Corp. Data Breach Exposes Sensitive PII and PHI

Published
July 7, 2025
Updated
July 7, 2025
Cierant Corp. Data Breach Exposes Sensitive PII and PHI
Cierant
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

Cierant

data breach?

Join the Lawsuit

It's free to join. 

Cierant Corp., a marketing software and services provider, experienced a data breach involving Blue Cross and Blue Shield of Massachusetts patient data. The ransomware attack was claimed by the A well-known cybercriminal organizationCL0P ransomware group, took responsibility for the ransomware attack.

The cybersecurity incident was discovered on Dec. 10, 2024. An investigation determined that an unauthorized actor infiltrated Cierant systems through a Cleo VLTrader file transfer vulnerability.

The attackers infiltrated Cierant’s systems and reportedly exfiltrated sensitive Blue Cross and Blue Shield of Massachusetts patient data, which they later claimed to have posted on a dark web site accessible via the Tor network. The data breach exposed both personally identifiable information (PII) and protected health information (PHI).

Compromised information included including names, addresses, dates of birth, health plan beneficiary numbers, medical record numbers, plan member account numbers, premium information, provider names, treatment-related dates, claims numbers and generic descriptions of services received. Cierant disclosed the data breach to the California Attorney General's office on July 7, 2025 and published a Notice of Data Incident on its own website.

Cierant Corporation's response

In addition to required state disclosures, Cierant notified affected individuals on July 3, 2025 and is offering 12 months of free Epiq credit monitoring services. Cierant has also set up a dedicated hotline for affected individuals at 877-841-3066, Monday through Friday from 9:00 AM to 9:00 PM EST.

If you receive a notice from Cierant or Blue Cross and Blue Shield of Massachusetts about this breach, you may want to:

  • Sign up for the free Epiq credit monitoring services offered by Cierant.
  • Monitor your credit reports and financial accounts for any unusual activity.
  • Be alert for phishing emails or phone calls that may use your exposed information.
  • Consider placing a fraud alert or credit freeze with major credit bureaus.

For more information about the company and its services, visit the Cierant website.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
Cierant
Consumers Notification date
Date of Breach
December 9, 2024
Breach Discovered Date
2024-12-10
Total People Affected
Information Types Exposed
  • address
  • claims number
  • date of birth
  • health plan beneficiary number
  • medical record number
  • name
  • plan member account number
  • premium information
  • provider name
  • treatment-related dates
  • generic description of services

Data Breach Settlements

Venture Logistics $933K Data Breach Class Action Settlement
Northbay Healthcare $3.6M Data Breach Settlement
HCA Healthcare Data Breach Class Action Settlement
DG3 North America $600,000 Data Breach Settlement
Waterford Country School $400,000 Data Breach Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

General Physician PC Data Breach Affects Patients
July 7, 2025
General Physician PC Data Breach Affects Patients
Gardner Orthopedics Data Breach Affects 47,000 Patients
July 7, 2025
Gardner Orthopedics Data Breach Affects 47,000 Patients
AIS InfoSource Data Breach Exposes Social Security Numbers
July 6, 2025
AIS InfoSource Data Breach Exposes Social Security Numbers
Arbor Associates Data Breach Exposes Sensitive PHI & PII
July 6, 2025
Arbor Associates Data Breach Exposes Sensitive PHI & PII