Lucent Health Data Breach Affects 37,000 Americans

On October 2, 2023, Lucent Health Solutions experienced a cybersecurity incident that may have compromised the personal information of approximately 37,000 individuals across the United States.

The breach was initiated when a Lucent Health manager inadvertently opened a phishing email from a trusted broker. This action allowed unauthorized access to the manager’s email account for a brief period of about ninety minutes.

During this time, the unauthorized individual conducted specific search queries within the email account. Fortunately, the cybersecurity firm involved in the investigation confirmed that no information was downloaded or electronically transferred. There is no evidence to suggest that the unauthorized party actually viewed any information. However, out of an abundance of caution, Lucent Health decided to notify affected individuals.

The types of consumer information potentially exposed include:

• Full name
• Date of birth
• Social Security number
• Health, dental, and vision group and/or plan number

The breach affected 1,103 individuals in Texas and 27 in Massachusetts.

The incident was reported to the California, Massachusetts, and Texas Attorney General's offices on January 31, 2025, and to the U.S. Department of Health and Human Services on January 30, 2025.

Lucent Health Solutions's Response

In response to the data breach, Lucent Health Solutions initiated a thorough investigation with the assistance of external cybersecurity professionals. The company swiftly identified and eliminated the unauthorized access within ninety minutes of the phishing email being opened.

Lucent Health is offering affected individuals access to Single Bureau Credit Monitoring, Single Bureau Credit Report, and Single Bureau Credit Score services at no charge for 24 months. These services are provided by Cyberscout, a TransUnion company specializing in fraud assistance and remediation services.

To enroll in these services, affected individuals are encouraged to visit Cyberscout's activation page and follow the instructions provided, using the unique code included in their notification letter.

Additionally, Lucent Health advises individuals to remain vigilant by regularly reviewing their financial account statements and credit reports for any irregular activity. The company has also provided guidance on placing fraud alerts and security freezes on credit files to further protect personal information.

You can find more details on the disclosures from the California Attorney General's office, Massachusetts Attorney General's office, Texas Attorney General's office, and the U.S. Department of Health and Human Services.