Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Conifer Health Solutions

Conifer Health Solutions Vendor Cyber Rating & Cyber Score

coniferhealth.com

For over 35 years, Conifer Health has partnered with health systems, hospitals, physician groups, and employers to deliver tailored, technology-enabled revenue cycle and value-based care solutions that improve financial performance, enhance the care experience, and reduce the cost to collect. Supporting more than 600 clients and managing over $32 billion in NPR annually, we operate with a “by operators, for operators” mindset — combining deep operational expertise with intelligent automation, advanced analytics, and a mature global delivery model. Our commitment is simple: deliver on client goals with full transparency and measurable outcomes at every step.


CHS A.I CyberSecurity Scoring

CHS
Company Information
Website:http://coniferhealth.com
Employees number:7,666
Number of followers:91,935
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:coniferhealth.com
CHS Risk Score (AI oriented)
Between 650 and 699
logo
CHSHospitals and Health Care
Updated:
29/03/2026
683/1000
Weak
B
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
CHS Global Score (TPRM)
xxxx
logo
CHSHospitals and Health Care
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

CHS
CHSWeak
Current Score
683B (WEAK)
01000
3 incidents
-106 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
689Before Incident
JUNE 2026
688Before Incident
MAY 2026
685Before Incident
APRIL 2026
684Before Incident
MARCH 2026
683Before Incident
FEBRUARY 2026
680Before Incident
JANUARY 2026
629Before Incident
DECEMBER 2025
627Before Incident
NOVEMBER 2025
626Before Incident
OCTOBER 2025
623Before Incident
SEPTEMBER 2025
620Before Incident
AUGUST 2025
723Before Incident
Breach
28 Aug 2025CHS
Conifer Value-Based Care, LLC and Conifer Health Solutions: Conifer Data Breach Exposes Sensitive Pediatric Patient Data

Conifer Value-Based Care Business Email Compromise and Data Breach

617After Incident
CRITICAL-106
CONCON1766160151
Conifer Value-Based Care Reports Email Breach Exposing Pediatric Patient Data On August 28, 2025, Conifer Value-Based Care, LLC—a subsidiary of Conifer Health Solutions providing administrative services to healthcare providers and plans—detected unauthorized access to an employee’s Microsoft Office 365-hosted business email account. The breach, which also occurred on August 29, exposed personally identifiable information (PII) and protected health information (PHI) of pediatric patients, their parents, and guarantors. The compromised data included names, dates of birth, medical details, and health insurance information, though the exact scope varied by individual. Notably, the breach was isolated to the email account and did not affect Conifer’s internal networks or systems. Conifer contained the threat immediately and launched an investigation, concluding on November 10, 2025, with affected providers and health plans notified by November 14. Address verification for impacted individuals was finalized by December 5, and the breach was officially disclosed to the California Attorney General on December 18, 2025. A Notice of Data Breach was also posted on Conifer’s website. In response, the company enhanced security controls and monitoring to prevent future incidents and collaborated with providers to notify affected parties. While no evidence suggests misuse of the exposed data, the breach underscores risks to sensitive healthcare information.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personally identifiable information (PII) and protected health information (PHI)Systems Affected: Microsoft Office 365-hosted business email accountOperational Impact: Investigation and notification processes initiatedBrand Reputation Impact: Potential reputational damage due to exposure of sensitive health dataIdentity Theft Risk: High (exposure of PII and PHI)
DATA BREACH
Personally Identifiable Information (PII)Protected Health Information (PHI)Sensitivity Of Data: High (medical and health insurance details)NameDate of BirthMedical InformationHealth Insurance Details
AUGUST 2022
725Before Incident
Breach
01 Aug 2022CHS
Conifer Health Solutions

Conifer Revenue Cycle Solutions Data Breach

672After Incident
CRITICAL-53
CON23171122
Conifer Revenue Cycle Solutions, LLC (“we” or “Conifer”), a provider of revenue cycle management and other administrative services to healthcare providers, suffered a cybersecurity incident that affected its users' personal information. An unauthorized third party gained access to a Microsoft Office 365-hosted business email account and compromised certain information. The exposed information involved information to identify the individual (such as full name, date of birth, and address); (2) Social Security number, driver’s license/state ID number, and/or financial account information; (3) medical and/or treatment information (such as medical record number, dates of service, provider and facility, diagnosis or symptom information, and prescription/medication); (4) health insurance information (such as payor name and subscriber/Medicare/Medicaid number); and (5) billing and claims information. However, upon revelation, the email account was separate from Conifer’s internal network and systems, and those who were affected were notified.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Personal InformationSocial Security NumbersDriver's License/State ID NumbersFinancial Account InformationMedical InformationHealth Insurance InformationBilling and Claims InformationMicrosoft Office 365-hosted Business Email Account
DATA BREACH
Personal InformationSocial Security NumbersDriver's License/State ID NumbersFinancial Account InformationMedical InformationHealth Insurance InformationBilling and Claims InformationSensitivity Of Data: HighFull NameDate of BirthAddressSocial Security NumberDriver's License/State ID NumberMedical Record NumberDates of ServiceProvider and FacilityDiagnosis or Symptom InformationPrescription/Medication
JANUARY 2022
778Before Incident
Breach
20 Jan 2022CHS
Conifer Revenue Cycle Solutions, LLC

Data Breach at Conifer Revenue Cycle Solutions, LLC

719After Incident
CRITICAL-59
CON721082025
The Vermont Office of the Attorney General disclosed a data breach affecting Conifer Revenue Cycle Solutions, LLC, discovered on April 14, 2022, but reported on September 30, 2022. The incident involved unauthorized access to a Microsoft Office 365-hosted email account, potentially compromising personal information of individuals. The exposed data included sensitive medical and health insurance details, raising concerns about privacy violations and potential misuse of protected health information (PHI). While the exact number of affected individuals was not specified, the breach highlights vulnerabilities in third-party vendor systems handling healthcare data. The delayed detection and reporting further exacerbate risks, as prolonged exposure increases the likelihood of fraud, identity theft, or secondary attacks leveraging the stolen information. The breach underscores the critical need for robust email security measures and timely incident response in sectors managing highly sensitive data.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Medical InformationHealth Insurance InformationMicrosoft Office 365 Email AccountIdentity Theft Risk: Potential (due to compromised PII)
DATA BREACH
Personal InformationMedical InformationHealth Insurance InformationSensitivity Of Data: High (PII, Medical, Insurance Data)

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for CHS ?
?
What was CHS's A.I Rankiteo Cyber Score in June 2026 ?
?
What was CHS's A.I Rankiteo Cyber Score in May 2026 ?
?
What was CHS's A.I Rankiteo Cyber Score in April 2026 ?
?
What was CHS's A.I Rankiteo Cyber Score in March 2026 ?
?
What was CHS's A.I Rankiteo Cyber Score in February 2026 ?
?
What was CHS's A.I Rankiteo Cyber Score in January 2026 ?
?
What was CHS's A.I Rankiteo Cyber Score in December 2025 ?
?
What was CHS's A.I Rankiteo Cyber Score in November 2025 ?
?
What was CHS's A.I Rankiteo Cyber Score in October 2025 ?
?
What was CHS's A.I Rankiteo Cyber Score in September 2025 ?
?
What was CHS's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on CHS's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with CHS ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view CHS's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?