Conifer Revenue Cycle Solutions Announces Cyber Incident

Conifer Revenue Cycle Solutions, (“we” or “Conifer”), a provider of revenue cycle management and other administrative services to healthcare providers, experienced a cybersecurity incident that may have affected your personal information. Conifer is currently providing this notice on behalf of the healthcare providers listed below.

On April 14, 2022, Conifer learned that an unauthorized third party gained access to a Microsoft Office 365-hosted business email account. Upon discovery, Conifer immediately began an investigation, and engaged a leading security firm. Based on the investigation, the unauthorized party was able to access the business email account at Conifer on January 20, 2022. This email account is separate from Conifer’s internal network and systems, which were not affected by this incident.

Based on a detailed review conducted between June 13, 2022 and August 3, 2022, it was determined that your personal information associated with a healthcare provider was in the impacted business email account. Even though Conifer conducted a thorough investigation, it was not possible to conclusively determine whether personal information was actually accessed by the unauthorized party. To date, we are not aware of any misuse of your data.

Personal information involved in this incident may have included one or more of the following elements: (1) information to identify the individual (such as full name, date of birth, and address); (2) Social Security number, driver’s license/state ID number, and/or financial account information; (3) medical and/or treatment information (such as medical record number, dates of service, provider and facility, diagnosis or symptom information, and prescription/medication); (4) health insurance information (such as payor name and subscriber/Medicare/Medicaid number); and (5) billing and claims information. Please note that not all data elements were involved for all individuals.

Conifer takes privacy and security very seriously. In response to this incident, Conifer immediately took action to block malicious IP addresses and URLs. In addition, the password for the impacted account was reset shortly after the unauthorized access. Conifer has enhanced and continues to enhance its security controls and monitoring practices as appropriate to minimize the risk of any similar incident in the future, and Conifer accelerated its implementation of multi-factor authentication for business email accounts within the environment.

Conifer is providing additional information on general steps individuals can take to monitor and protect their personal information. Although we are unaware of any actual or attempted misuse of patient information as a result of this incident, individuals should carefully review credit reports and statements sent from healthcare providers and financial institutions as well as their insurance company to ensure that all account activity is valid. Any questionable charges should be promptly reported to the company which maintains the account. For individuals whose Social Security number, driver’s license/state ID number, and/or financial account information may have been involved, Conifer has arranged to offer free credit monitoring and identity restoration services to these individuals.

Conifer has established a dedicated assistance line for individuals seeking additional information regarding this incident. For the next 90 days, individuals who have questions about this matter or would like additional information can call toll-free (833) 764-0238 during 9 am – 9 pm Eastern Time, Monday through Friday, except holidays. This substitute notice and toll-free number will remain active for at least 90 days.

Conifer is committed to protecting the privacy and security of personal information that it receives and deeply regrets any inconvenience and concern this incident may cause. Individuals potentially affected by this incident are being mailed notice letters. Since it is possible there may be insufficient contact information for some individuals, however, this notice is also accessible via your health care provider’s website, consistent with HIPAA.

This notice is provided on behalf of the following health care providers:

Baptist Health System
Resolute Health Hospital
The Hospitals of Providence Memorial Campus
Valley Baptist Medical Center – Brownsville
Valley Baptist Medical Center – Harlingen


Baptist Health System, Conifer Revenue Cycle Solutions, cyberattacks, cybersecurity, Resolute Health Hospital, The Hospitals of Providence Memorial Campus, Valley Baptist Medical Center – Brownsville, Valley Baptist Medical Center – Harlingen


Please follow and ‘Like’ us


© HIT Leaders and News, a GO Digital Media & Publishing LLP publication. All rights reserved.