Home
>
Data Breach>Conifer Health Solutions

Conifer Data Breach Exposes Sensitive Pediatric Patient Data

Published
December 19, 2025
Updated
March 11, 2026
Conifer Data Breach Exposes Sensitive Pediatric Patient Data
Conifer Health Solutions
Affected by the data breach? You may be entitled to compensation. Submit a claim today.

On Aug. 28, 2025, Conifer Value-Based Care, a business line within Conifer Health Solutions that provides administrative services to healthcare providers and plans, discovered that an unauthorized third party had gained access to an employee’s Microsoft Office 365-hosted business email account. The information exposed in this breach may have included personally identifiable information (PII) as well as protected health information of pediatric patients, their parents and guarantors.

The unauthorized access occurred on Aug. 28 and Aug. 29, 2025. Importantly, the compromised email account was separate from Conifer’s internal network and systems, which were not affected by this incident. Exposed information includes name, date of birth, medical information and health insurance details.

Upon learning of the breach, Conifer took steps to contain the threat and launched a comprehensive investigation. The review process, completed Nov. 10, 2025, identified individuals whose information may have been exposed. On Nov. 14, 2025, Conifer notified affected providers and health plans.

The process of verifying and locating addresses for potentially affected individuals was completed by Dec. 5, 2025.

This incident was officially disclosed to the California Attorney General on Dec. 18, 2025, and later on to the U.S. Department of Health and Human Services. The company has also posted a notice of data breach on its website.

The breach has affected a total of 12,206 individuals in the United States.

Conifer's response

If you receive notification from Conifer or your provider about this breach, you may want to:

  • Sign up for the free IDX identity theft protection services, offered by Conifer.
  • Monitor your credit reports and financial accounts for any unusual activity.
  • Be alert for phishing emails or phone calls that may use your exposed information.
  • Consider placing a fraud alert or credit freeze with major credit bureaus.

Impacted individuals can call 1-833-781-8318 for additional information and support.

SUBMIT YOUR CLAIM TO THE LAW FIRM HANDLING THIS INVESTIGATION

Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info
  • Affected information types not yet disclosed

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
Conifer Health Solutions
Consumers Notification date
Date of Breach
August 29, 2025
Breach Discovered Date
August 28, 2025
Total People Affected
12206
Information Types Exposed
  • name
  • date of birth
  • health insurance information
  • medical information

Data Breach Settlements

RFK Racing Data Breach Class Action Settlement
Ingram Micro Americas $350,000 Data Breach Settlement
Nice-Pak Data Breach Class Action Settlement
Eye Physicians of Central Florida Data Breach Settlement
Excelsior Orthopaedics $2.4M Data Breach Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

MediCopy Data Breach Affects Health Systems Including Deaconess Patients
March 19, 2026
MediCopy Data Breach Affects Health Systems Including Deaconess Patients
Deaconess Health System Data Breach Exposes SSNs and Sensitive Medical Records of Patients
March 19, 2026
Deaconess Health System Data Breach Exposes SSNs and Sensitive Medical Records of Patients
Charlottesville Settlement: Data Breach Affects 22,041
March 19, 2026
Charlottesville Settlement: Data Breach Affects 22,041
Brandt Equities LP Data Breach Discloses Data Breach
March 19, 2026
Brandt Equities LP Data Breach Discloses Data Breach