Cierant Corp., a marketing software and services provider, experienced a data breach involving Blue Cross and Blue Shield of Massachusetts patient data. The ransomware attack was claimed by the A well-known cybercriminal organizationCL0P ransomware group, took responsibility for the ransomware attack.
The cybersecurity incident was discovered on Dec. 10, 2024. An investigation determined that an unauthorized actor infiltrated Cierant systems through a Cleo VLTrader file transfer vulnerability.
The attackers infiltrated Cierant’s systems and reportedly exfiltrated sensitive Blue Cross and Blue Shield of Massachusetts patient data, which they later claimed to have posted on a dark web site accessible via the Tor network. The data breach exposed both personally identifiable information (PII) and protected health information (PHI).
Compromised information included including names, addresses, dates of birth, health plan beneficiary numbers, medical record numbers, plan member account numbers, premium information, provider names, treatment-related dates, claims numbers and generic descriptions of services received. Cierant disclosed the data breach to the California Attorney General’s office on July 7, 2025 and published a Notice of Data Incident on its own website.
Cierant Corporation’s response
In addition to required state disclosures, Cierant notified affected individuals on July 3, 2025 and is offering 12 months of free Epiq credit monitoring services. Cierant has also set up a dedicated hotline for affected individuals at 877-841-3066, Monday through Friday from 9:00 AM to 9:00 PM EST.
If you receive a notice from Cierant or Blue Cross and Blue Shield of Massachusetts about this breach, you may want to:
- Sign up for the free Epiq credit monitoring services offered by Cierant.
- Monitor your credit reports and financial accounts for any unusual activity.
- Be alert for phishing emails or phone calls that may use your exposed information.
- Consider placing a fraud alert or credit freeze with major credit bureaus.
For more information about the company and its services, visit the Cierant website.
