Skip to main content
Over a doctor’s shoulder we see a spreadsheet of medical data on a vulnerable hospital computer.

VNS Health Data Breach Investigation

Written by The Lyon Firm on . Posted in Data Breach.

Thank you for considering The Lyon Firm. At this time, we are not accepting plaintiffs related to this specific consumer issue. However, if you would like to be contacted in the future, please complete the contact form. By completing the form you will be contacted if the Firm begins accepting new cases on this matter, and you will also be included in firm news alerts related to important consumer safety and privacy issues to help keep you informed about related issues.

The Lyon Firm is investigating the VNS Health data security incident in which thousands of individuals may have had their personal information stolen. The risk of identity theft and fraud necessitates that actions be taken, and legal action considered.

VNS Health, a New York healthcare entity, has begun sending out data breach notification letters after an IT security event was discovered. According to reports, over 100,000 individuals may have had their personal data compromised.

A VNS Health vendor, TMG Health, Inc. (a Cognizant Technology Solutions company) was allegedly hacked in the massive MOVEit data breach, impacting a total of over 40 million worldwide.

What Happened?

TMG became aware of the security vulnerability impacting TMG’s  MOVEit File Transfer server on May 31, 2023. According to TMG, on June 2, 2023, TMG initiated an investigation. TMG determined that an unauthorized party had accessed and downloaded certain files between May 30 and June 2, 2023.

TMG confirmed that files containing personal health information were impacted by the incident, which may have included the following:

  • Names
  • Mailing address
  • Telephone number
  • Email address
  • Date of birth
  • Social security number
  • Member ID
  • Medicare and/or Medicaid number
  • Benefit and subsidy information
  • Billing information
  • Medical claims information
  • Healthcare provider name and specialty
  • Dates of service

Is VNS Health Responsible for the Data Breach?

When personal information is collected by an organization, they have a duty to keep it protected at all costs. If data is stolen, individuals may be at risk for future identity theft and fraud. Victims of such theft may protect themselves with identity theft coverage, which is a good place to begin. Contact an attorney as well to learn about your legal options.

It is crucial to stay alert and watch for signs of fraudulent activity. If you notice any unusual activity, take appropriate actions described in this link.

If you need information on how to act when a data breach incident impacts you, call The Lyon Firm. Our lawyers can discuss legal action and rightful compensation.

Unfortunately, thousands of victims suffer from data privacy negligence every day, many of whom contact attorneys to hold companies accountable.