.png)
MedRevenu, Inc. Data Breach Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the MedRevenu data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About MedRevenu
Medrevenu is a revenue cycle management company based in Upland, California. Founded in 2005, the company specializes in medical billing, collections, and revenue optimization services for healthcare providers, including physician groups, office-based labs and ambulatory surgery centers.
The company’s core services include AI-powered automation to identify underpayments, accelerate reimbursements, and reduce days in accounts receivable.
What Happened?
On or about Dec. 12, 2024, MedRevenu experienced a network disruption caused by a ransomware attack. The BianLian ransomware group claimed responsibility and posted about the incident on the dark web on Dec. 14, 2024.
According to public disclosures, the attackers claimed to have obtained a wide range of sensitive data, including financials, QuickBooks data, HR files, contracts, protected health information (PHI) records, email correspondence and internal databases.
The company’s investigation determined that certain files may have been acquired without authorization. After a thorough electronic discovery process, which concluded Oct. 21, 2025, MedRevenu confirmed that personal information belonging to patients of Inland Physicians Hospitalist Services, one of its clients, was present in the impacted data set.
The company reported the breach to the California Attorney General’s office on Feb. 3, 2026. The total number of impacted individuals is currently unknown.
The types of information compromised may vary from person to person.
Information Exposed:
- Names
- Dates of birth
- Social Security numbers
- Driver’s license numbers
- Government identification numbers
- Health insurance and medical information
- Financial account numbers
- Payment card numbers
- Access information
Your Rights and Next Steps
If you received a notice from MedRevenu, your personal information may have been compromised. Even if there is no evidence yet of misuse, it is important to take steps to protect yourself.
MedRevenu is offering complimentary credit monitoring and identity theft protection services through TransUnion for twelve months to those affected. To enroll, follow the instructions provided in your notification letter.
You have the right to:
- Obtain a free copy of your credit report from each of the three nationwide credit reporting agencies
- Place a security freeze on your credit report to prevent new accounts from being opened in your name
- Place a fraud alert with the credit bureaus
- File a police report if you experience identity theft or fraud
- Contact your state Attorney General or the Federal Trade Commission for additional information about your rights
It is also recommended to monitor your accounts for suspicious activity and review your credit reports regularly. If you detect any unauthorized activity, act quickly by notifying your financial institutions and filing a report with law enforcement.
You May Be Entitled to Compensation
If your information was exposed in the MedRevenu data breach, you may be entitled to compensation for any harm or inconvenience you have experienced. Lawyers are ready to help affected individuals understand their rights and pursue potential claims.
To find out if you qualify to join a lawsuit or to get more information, complete the below form.
Sources
- California Attorney General
- Dark Web
.svg)