MCBS LLC Data Breach Exposes Social Security Numbers and Medical Records

Healthcare data breach illustration
Breach Discovery: 25th September 2025Breach Notification: 26th June 2026

What Happened in the MCBS LLC Data Breach?

MCBS LLC, a medical billing and business services company based in Augusta, Georgia, has disclosed a serious data breach. The MCBS LLC data breach involved unauthorized access to the company’s computer network. As a result, sensitive patient information may have been viewed or taken by an outside party.

According to the company, the unauthorized access began on or about Sept. 22, 2025, and continued until Sept. 26, 2025. MCBS first learned of the intrusion on or about Sept. 25, 2025. Because MCBS provides billing services for healthcare providers, this breach did not just affect one hospital or clinic. Instead, it reached patients across multiple healthcare practices that rely on MCBS for billing support.

After discovering the suspicious activity, MCBS brought in outside cybersecurity professionals to investigate. This step is common after a network intrusion, since specialists can trace how the attacker got in and what data may have been touched. Following a lengthy review, MCBS determined on or about May 28, 2026, that certain files containing personal information had likely been accessed without authorization.

The gap between the initial discovery and the final confirmation shows how complex these investigations can be. Forensic teams often need months to sort through affected systems and confirm exactly which files were exposed. Once MCBS completed its investigation, the company began notifying regulators and affected individuals, as required by law.

Who was affected?

The individuals affected by this breach are patients of healthcare providers that contracted with MCBS for medical billing services. In other words, people did not need to interact with MCBS directly to be impacted. If their healthcare provider used MCBS for billing, their information could have been stored on the compromised network.

State filings give a partial picture of the scope. So far, 295,625 individuals in South Carolina, 13,302 in Texas, 385 in Massachusetts, and 135 in New Hampshire have been identified as affected. Because MCBS serves healthcare clients in multiple states, the total number of affected individuals nationwide has not been publicly disclosed. Additional states may still be reporting their own counts.

Given that MCBS works with healthcare practices, the affected population likely includes a broad range of patients. This could include people of all ages, since medical billing records often cover entire households. As a result, both adults and minors may be among those impacted.

What Information Was Potentially Exposed?

The breach potentially exposed a significant amount of personal and medical information. Because MCBS handles billing for healthcare providers, the compromised files likely contained both everyday identifying details and sensitive health data.

  • Full names
  • Dates of birth
  • Home addresses
  • Social Security numbers
  • Diagnosis information
  • Medical history
  • Medical treatment information
  • Mental or physical condition information
  • Health insurance policy or subscriber ID numbers
  • Health plan beneficiary numbers
  • Other health insurance information

This combination of data is especially concerning. When Social Security numbers are exposed alongside medical records, criminals can attempt both traditional identity theft and medical identity theft. For example, a fraudster could open new credit accounts using a stolen SSN, or use stolen health insurance details to receive medical treatment under someone else’s name.

In addition, exposed diagnosis and treatment information raises privacy concerns beyond financial fraud. Sensitive health details, once exposed, cannot be changed the way a password or account number can. Because of this, affected individuals may face long-term risks related to how this information could be used or disclosed without their consent.

What is the company doing?

Once MCBS confirmed the unauthorized access, the company took several steps to respond. MCBS worked with external cybersecurity professionals to investigate the incident and understand its scope. The company also reported the breach to relevant state regulators, including the California Attorney General, on June 26, 2026.

MCBS is now notifying affected individuals through mailed letters, sent either directly or on behalf of the healthcare provider clients involved. In addition, the company has posted a notice about the breach on its website so patients can find more information. To help affected individuals protect themselves, MCBS is offering complimentary identity protection services through a third-party provider.

Furthermore, MCBS has set up a dedicated toll-free response line. This line is staffed by professionals familiar with the incident who can answer questions and explain protective steps. Details about enrollment in the identity protection service, along with the phone number for the response line, are included in the notification letters sent to affected consumers.

What Should Affected Individuals Do?

Monitor Your Credit Reports Closely

Anyone who received a notification letter from MCBS should start checking their credit reports regularly. Because Social Security numbers were potentially exposed, there is a real risk that criminals could try to open new accounts using stolen identities. Reviewing your credit report allows you to catch unfamiliar accounts or inquiries early.

You can request free credit reports from the three major credit bureaus. Look closely for accounts you don’t recognize, unexpected inquiries, or changes to your personal information. If you spot anything suspicious, report it right away to the credit bureau and consider contacting a data breach attorney to understand your options.

Consider a Fraud Alert or Credit Freeze

Because this breach exposed Social Security numbers, placing a fraud alert or credit freeze is a smart precaution. A fraud alert requires lenders to take extra steps to verify your identity before approving new credit. A credit freeze goes further, blocking most access to your credit file entirely.

Either option is free to set up through the credit bureaus. While a freeze offers stronger protection, it does require you to lift it temporarily whenever you apply for new credit. Given the sensitivity of the data involved in this breach, many affected individuals may find the extra security worthwhile.

Watch for Medical Identity Theft

Since diagnosis information, treatment history, and health insurance details were potentially exposed, medical identity theft is a genuine concern. This happens when someone uses your health insurance information to receive treatment or file claims under your name. As a result, your medical records could contain inaccurate information that affects future care.

To guard against this, review your health insurance statements and explanation of benefits forms closely. Look for services or claims you don’t recognize. If you find anything suspicious, contact your health insurance provider immediately and ask them to investigate.

Stay Alert for Phishing Attempts

After a breach like this, scammers often use exposed information to craft convincing phishing emails, texts, or phone calls. They may pretend to be MCBS, a healthcare provider, or even a government agency to trick you into revealing more information. Because of this, it’s important to stay cautious.

Never click on links or provide personal details in response to unsolicited messages. Instead, verify the sender by contacting the organization directly through a known phone number or website. If MCBS’s response line reaches out, you can also confirm details using the number provided in your official notification letter.

Take Advantage of Free Identity Protection Services

MCBS is offering complimentary identity protection services to affected individuals through a third-party provider. If you received a notification letter, it’s worth enrolling in this service right away. These services often include monitoring for suspicious use of your personal information.

Because enrollment typically requires action within a certain timeframe, don’t delay signing up. Read the instructions included in your letter carefully, and reach out to the dedicated response line if you have questions. Taking this simple step can add another layer of protection while you monitor your accounts.



More Information

MCBS LLC

295,625 individuals in South Carolina

13,302 individuals in Texas

385 individuals in Massachusetts

135 New Hampshire residents

California Attorney General

notice about the incident on its website

Related Data Breaches