.png)
Catalyst RCM Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the Catalyst RCM data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About Catalyst RCM
Catalyst RCM is a United States-based company that provides revenue cycle management services to healthcare providers.
Founded in 2019, Catalyst partners with medical laboratories, ambulatory surgery centers, long-term care facilities and physician practices to optimize revenue through medical billing, coding, analytics and related services.
What Happened?
On or about Nov. 13, 2025, Catalyst discovered suspicious activity within its secure file management system.
An internal investigation found that an authorized login and password were used to access a server between Nov. 8 and Nov. 9, 2025. During this time, data was copied from the system without permission. The company worked to determine what information was involved and to notify affected individuals. The review was completed on Dec. 12, 2025.
On Nov. 13, 2025, the Everest ransomware group claimed responsibility for the attack, announcing on a dark web forum that they had obtained 9.39 GB of internal data from Vikor Scientific (now Vanta Diagnostics) and intended to publish it within five to six days.
The exposed documents primarily consisted of explanation of benefits letters related to medical billing and coding services provided to Vikor Scientific, KorPath and Korgene diagnostic laboratories. The total number of affected individuals is currently undisclosed, with 88 residents of Rhode Island impacted.
The following types of consumer information were exposed:
Information Exposed:
- Patient names
- Contact information
- Dates of birth
- Health insurance information
- Provider names
- Internal patient identification numbers
- Dates of service
- Medication information
- Treatment and/or diagnostic information
Catalyst has posted a notice of the incident on its website, with Vikor Scientific linking to the notice on its own website. The incident was reported to the attorneys general offices of California and Vermont.
Your Rights and Next Steps
If you received a notice from Catalyst, it is important to take steps to protect your personal information. You are encouraged to:
- Enroll in the complimentary IDX identity protection services offered by Catalyst RCM. This includes credit monitoring, cyber scan monitoring, a $1,000,000 insurance reimbursement policy and fully managed identity theft recovery services. Enrollment instructions are included in the notice you received.
- Monitor your credit reports for any suspicious activity. You are entitled to one free credit report annually from each of the three major credit bureaus: Equifax, Experian and TransUnion.
- Consider placing a fraud alert or credit freeze on your credit file. A fraud alert requires businesses to verify your identity before issuing new credit. A credit freeze restricts access to your credit report, making it harder for identity thieves to open accounts in your name.
- Stay vigilant by reviewing your account statements and explanation of benefits for unauthorized activity.
- Report any suspected identity theft to law enforcement, your state attorney general and the Federal Trade Commission
If you have questions about the breach or need assistance with enrolling in monitoring services, you can call IDX at 1-844-908-2066.
You May Be Entitled to Compensation
If your information was compromised in the Catalyst RCM data breach, you may have legal rights and could be eligible for compensation. Lawyers are ready to help affected individuals pursue claims for damages resulting from this incident.
To find out if you qualify and to join a lawsuit, complete the below form.
.svg)