Cierant Corp. Data Breach Exposes Sensitive PII and PHI

Published

July 7, 2025

Updated

August 19, 2025

Cierant

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

Cierant Corp., a marketing software and services provider, experienced a data breach involving Blue Cross and Blue Shield of Massachusetts patient data. The ransomware attack was claimed by the A well-known cybercriminal organizationCL0P ransomware group, took responsibility for the ransomware attack.

The cybersecurity incident was discovered on Dec. 10, 2024. An investigation determined that an unauthorized actor infiltrated Cierant systems through a Cleo VLTrader file transfer vulnerability.

The attackers infiltrated Cierant’s systems and reportedly exfiltrated sensitive Blue Cross and Blue Shield of Massachusetts patient data, which they later claimed to have posted on a dark web site accessible via the Tor network. The data breach exposed both personally identifiable information (PII) and protected health information (PHI).

The ransomware attack affected 232,506 individuals, according to the U.S. Department of Health and Human Services disclosure made on July 3, 2025. Compromised information included including names, addresses, dates of birth, health plan beneficiary numbers, medical record numbers, plan member account numbers, premium information, provider names, treatment-related dates, claims numbers and generic descriptions of services received.

Cierant disclosed the data breach to the California, Texas, Washington and Montana Attorney Generals' offices beginning on July 7, 2025 and published a Notice of Data Incident on its own website. Affected individuals include 1,576 Texas residents, 902 in Washington and 84 in Montana.

Cierant Corporation's response

In addition to required state disclosures, Cierant notified affected individuals on July 3, 2025 and is offering 12 months of free Epiq credit monitoring services. Cierant has also set up a dedicated hotline for affected individuals at 877-841-3066, Monday through Friday from 9:00 AM to 9:00 PM EST.

If you receive a notice from Cierant or Blue Cross and Blue Shield of Massachusetts about this breach, you may want to:

Sign up for the free Epiq credit monitoring services offered by Cierant.
Monitor your credit reports and financial accounts for any unusual activity.
Be alert for phishing emails or phone calls that may use your exposed information.
Consider placing a fraud alert or credit freeze with major credit bureaus.

For more information about the company and its services, visit the Cierant website.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.