Email Phishing Incident at Lucent Health Compomises Client Identities. Featured
Email phishing attack at Lucent Health enabled hackers to compromise the identities of clients across the USA.
A class action lawsuit was recently filed against, Lucent Health after it reported to the Attorney General of California that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been accessed.
About Lucent Health
Founded in 2014, Lucent Health, headquartered in Nashville, Tennessee, serves the self-insured employer market, with a fully integrated care management solution, including plan administration, patient care programs and cost controls.
What Happened?
According to the breach notice, on October 2, 2023, a Lucent Health manager opened a single phishing email from a trusted broker. Soon after, Lucent Health identified suspicious activity on the employee’s email account. As a result, Lucent Health launched an investigation to determine the nature of the incident.
Through its investigation, Lucent Health confirmed that sensitive personal information in its systems may have been compromised by an unauthorized third party during the breach. As a result, Lucent Health began a review of the data to determine what information had been impacted as well as identify the specific individuals affected.
What Information was Involved in the Breach?
While the information impacted varies depending on the individual, the type of information potentially exposed includes –
- name
- Social Insurance number
- date of birth
- demographic information
- medical diagnosis and treatment information
- health insurance information
What is Lucent Health Doing to Protect My Identity?
On January 30, 2025, Lucent Health began mailing data breach notification letters to impacted individuals. Based on the breach notices provided to California residents, Lucent Health is providing affected individuals with a list of the information impacted and 24 months of complimentary identity monitoring services.
What Can Hackers Do With My Information?
Stolen PII and PHI can be used to commit identity theft, open new credit accounts, make unauthorized purchases or obtain loans. Cybercriminals have recently targeted America’s essential industries and in so doing have forced millions of Americans to face the fallout from these attacks.
Leaked or stolen data can be sold on the dark web forums and may be used for fraud and medical identity theft, a type of fraud, where threat actors use stolen information to submit forged claims to insurers.
Clients affected by the breach are exposed to a heightened and imminent risk of fraud and identity theft. They must now and in the future closely monitor their financial accounts to guard against identity theft and fraud.
If you receive a notification letter from Lucent Health, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options at no cost to you. For more information, please review these recommendations.
Protect Your Identity. Join the Lucent Health Data Breach Class Action.
The lawsuit alleges that Lucent Health breached its duties under common law and the Federal Trade Commission Act to implement reasonable security measures, comply with industry standards and federal data-security regulations, encrypt sensitive data, and provide adequate and timely notice of the breach.
If you receive a notification letter from Lucent Health you are at permanent risk of identity theft and the devastating financial and legal consequences that go along with it.
You may be eligible to participate in a class action lawsuit to recover compensation for loss of privacy, time spent dealing with the breach, out-of-pocket costs, and more.
The lawsuit looks to cover anyone in the USA whose private information was compromised by the breach announced by Lucent Health on January 30, 2025.
Please complete the form shown on this page and a data breach attorney will contact you. There is no cost to you.