CIOX Health
Data Breach

The Lyon Firm is investigating various security breach incidents nationwide, including the CIOX Health data breach, which impacted at least 32 healthcare providers. If you have been a victim of a data theft event, contact an attorney to learn more about your legal options.

CIOX Health, a prominent health information management services provider, announced a far-reaching data breach that has affected dozens of healthcare providers, including the following:

• AdventHealth – Orlando
• Alabama Orthopaedic Specialists
• Baptist Memorial Health Care
• Butler Health Systems
• Cameron Memorial Community Hospital
• Centra Health
• Children’s Healthcare of Atlanta
• Coastal Family Health Center
• Copley Hospital
• DeSoto Memorial Hospital Health System
• EvergreenHealth
• Hoag Health System
• Hospital Sisters Health System
• Huntsville Hospital Health System
• Indiana University Health
• McLeod Health System
• MD Partners
• Niagara Falls Memorial Medical Center Health System
• Northern Light Mercy Hospital
• Northwestern Medicine
• Ohio State University Health System
• OrthoConnecticut
• Prisma Health – Greenville Health System
• Prisma Health – Palmetto Health
• Sarasota County Public Hospital District d/b/a Sarasota Memorial Health Care System
• Trinity Health – Holy Cross Hospital
• Trinity Health – Mount Carmel Health System
• Trinity Health – Saint Alphonsus Health System
• Trinity Health – St. Francis Medical Center
• Trinity Health – St. Joseph Mercy Health System
• Union Hospital Healthcare System
• Women’s Health Specialist

CIOX Health discovered an unauthorized individual had gained access to company email back in July 2021, which was allegedly compromised for over a week. The hacked employee email account contained emails and attachments that included the personal protected health information of clients, including:

• Names
• Dates of birth
• Provider names
• Dates of service
• Social Security numbers
• Driver’s license numbers
• Health insurance information
• Treatment information

There is not yet evidence of data misuse of patient data, but that may be a risk victims have to deal with. CIOX Health has concluded that the email account was compromised to send phishing emails from the company to individuals, for malicious purposes.

CIOX Health and privacy experts urge all individuals affected by the data breach to check their statements and medical information carefully in the near future.

The Lyon Firm is reviewing the CIOX Health data breach and is actively involved in numerous data privacy cases and has experience filing data security claims on behalf of plaintiffs nationwide.