Cognisight Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Cognisight, LLC regarding its recent data breach. The Cognisight data breach involved sensitive personal identifiable information belonging an undetermined number of individuals.

ABOUT COGNISIGHT, LLC:

Cognisight is a healthcare solutions vendor specializing in risk adjustment solutions for healthcare payers and providers.² Founded in 2006, Cognisight is a subsidiary of the Greater Rochester Independent Practice Association and a part of Rochester Regional Health.² Using risk-based payment methodologies, Cognisight serves the needs of Medicare Advantage plans, commercial health insurers, accountable care organizations, PACE programs, Medicaid managed care plans, and independent practice associations. Included in Cognisight’s risk-adjustment services are data and technology, medical record acquisition, audit support, medical records review, health assessments, and education and training.

WHAT HAPPENED?

On May 31, 2023, Cognisight discovered that it had experienced a data breach in which the sensitive personal identifiable information in its systems may have been accessed and acquired. Through its investigation, Cognisight determined that an unauthorized actor may have accessed and acquired this sensitive information through a vulnerability in the MOVEit file sharing platform. Recently, Cognisight posted a notice of the incident on its website. In the coming weeks, Cognisight plans to work with its covered entities to contact individuals whose information may have been impacted. Cognisight’s covered entities include:

• AltaMed
• ArchCare
• Blue Cross and Blue Shield of Louisiana
• Mercy LIFE West Philadelphia
• Pacific PACE
• Saint Francis LIFE
• Saint Joseph PACE
• San Diego PACE
• Sequoia PACE
• Stockton PACE
• Trinity Health LIFE New Jersey
• Vantage