Marketing software and services company Cierant Corporation and law firm Zumpano Patricios have independently disclosed data breaches, each impacting more than 200,000 individuals.
What the Cierant and Zumpano Patricios incidents have in common is that the number of impacted people was brought to light in recent days by the healthcare data breach tracker maintained by the US Department of Health and Human Services (HHS).
The Zumpano Patricios breach impacts nearly 280,000 individuals. The law firm, which has offices in several major US cities, is representing healthcare providers in disputes with health insurance companies over medical service payments to patients.
Zumpano Patricios is informing impacted individuals that it had detected an intrusion in its IT network on May 6, 2025, but could not determine the date and time of initial access.
An investigation revealed that the hackers accessed and possibly exfiltrated files containing information such as patient name, date of birth, Social Security number, provider name, health insurer information, dates of service, and amounts charged by the provider and payments they received.
It’s unclear if the law firm was targeted in a ransomware attack — no known threat group has taken credit for the intrusion.
In the case of Cierant, the HHS data breach tracker shows that more than 232,000 people are impacted.
In a data incident notice, the company revealed that it was targeted in late 2024 in the attacks in which the notorious Cl0p ransomware group exploited vulnerabilities in Cleo file transfer products to gain access to the files of organizations that had been using the impacted applications.
Cl0p targeted dozens of organizations through these vulnerabilities, and in some cases the victims were companies providing services to healthcare organizations. Some incidents have impacted a significant number of people.
Cierant was listed on Cl0p’s leak website as a victim of the Cleo attack in early February. The cybercriminals at some point claimed that the stolen files had been made public, but SecurityWeek was unable to verify those claims.
Cierant, which had used Cleo’s VLTrader tool, said the compromised files stored personal and health data processed on behalf of third-party health plans.
“The types of personal information that may have been involved vary by person and can include the following: name, address, date of birth, treatment-related dates, a generic description of services received, provider name, medical record number, health plan beneficiary number, claims number, and/or plan member account number, premium information,” Cierant said.
Many of the healthcare data breaches that came to light in recent months impacted hundreds of thousands and even millions of individuals.
Related: 1.4 Million Affected by Data Breach at Virginia Radiology Practice
Related: Anne Arundel Dermatology Data Breach Impacts 1.9 Million People
Related: Compumedics Ransomware Attack Led to Data Breach Impacting 318,000
