Cierant Corporation reportd data breach caused by Cleo VLTrader third-party tool vulnerability
Learn More
Cierant Corporation, a marketing services company is reporting a data breach that was caused by exploitation of a vulnerability in a third-party file transfer tool.
The breach was discovered on December 10, 2024, when Cierant detected suspicious activity on its systems involving unauthorized access that potentially compromised sensitive personal and protected health information processed on behalf of third-party health plans.
The cause of the attack involved the exploitation of a vulnerability in Cleo VLTrader, a managed file transfer software solution widely used by enterprises for secure file exchange operations. This vulnerability was part of a broader campaign targeting organizations using Cleo's file transfer products, including VLTrader, Harmony, and LexiCom, which have been under active exploitation since early December 2024.
The investigation confirmed that an unauthorized actor gained limited access to Cierant systems, compromising personal and health data. The exposed data includes:
- Names
- Addresses
- Dates of birth
- Treatment-related dates
- Generic descriptions of services received
- Provider names
- Medical record numbers
- Health plan beneficiary numbers
- Claims numbers
- Plan member account numbers
- Premium information
The company has not disclosed the number of affected individuals, but the HHS data breach tracker shows 232,506 people as impacted.
Cierant reported the incident to federal law enforcement agencies and began sending notification letters to impacted individuals on July 3, 2025. The company set up a dedicated hotline at 877-841-3066, available Monday through Friday from 9:00 AM to 9:00 PM EST, to address questions and concerns from impacted individuals and is offering 12 months of free credit monitoring services.
