CPS Solutions Files Notice of Data Breach Following Unauthorized Access to Business Email Account

[swidup]

https://www.jdsupra.com/legalnews/cps-solutions-files-notice-of-data-3945470/

"On February 10, 2025, CPS Solutions, LLC filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized actor was able to access a company email account. In this notice, CPS Solutions explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their name, Social Security number, date of birth, health insurance information, and medical information. Upon completing its investigation, CPS Solutions began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

What Caused the CPS Solutions Data Breach?
The CPS Solutions data breach was only recently announced, and more information is expected in the near future. However, CPS Solutions’ filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach. CPS Solutions also posted a notice on its website discussing the incident.

According to this source, on December 4, 2024, CPS Solutions learned that an unauthorized party had gained access to an employee’s email account. In response, CPS Solutions forced a password reset and took other steps to terminate all unauthorized access. After securing the account later that day, CPS Solutions launched an investigation to learn more about the incident and what impact it may have had on the confidential information in the company’s possession.

Through this investigation, CPS Solutions confirmed that the unauthorized third party was able to access and remove data from the account between December 2, 2024 and December 4, 2024."