Date of Breach
Allegation
Institution Type
Number Impacted
If you recently received a Notice of Data Event letter from Catalyst RCM (“Catalyst”) informing you that your sensitive personal or protected health information was compromised in a data breach, we would like to speak with you about your rights and potential legal remedies. Catalyst recently disclosed that it was the victim of a cybersecurity incident that exposed sensitive personal and protected health information originally entrusted to diagnostic laboratories Vikor Scientific (“Vikor”, now known as Vanta Diagnostics), KorPath, and Korgene. Catalyst maintained this information in connection with its provision of medical coding and billing services.
On or about November 13, 2025, Catalyst discovered suspicious activity involving certain information stored within its secure file management system. An authorized login and password were used to access one of Catalyst’s servers between November 8, 2025, and November 9, 2025. During that time, data was copied without permission. Upon identifying the issue, Catalyst promptly initiated an internal investigation to determine the nature and scope of the incident, assess system security, and identify individuals whose information may have been impacted. The investigation confirmed that an unauthorized party accessed a secure server using compromised credentials and copied data without authorization. Catalyst then conducted a comprehensive review of the impacted files and worked to verify address information to ensure accurate notification to affected individuals. This review was completed on December 12, 2025. Following its investigation, Catalyst determined that the incident involved information connected to medical coding and billing services it provided to Vikor Scientific, KorPath, and Korgene diagnostic laboratories. Many impacted individuals had information contained within explanation of benefits (“EOB”) documents maintained on the affected server. Catalyst filed a notice with the Attorney General of California and began issuing written notification letters to impacted individuals on February 6, 2026. Catalyst is believed to be providing notice on behalf of all its affected business associates, including Vikor.
Upon information and belief, the following types of sensitive personal and protected health information may have been compromised:
Levi & Korsinsky, LLP is investigating whether affected users are entitled to compensation. If you received a notice from Catalyst RCM, there is no cost or obligation to participate. Follow the link below to find out about your rights and potential legal remedies available.
Catalyst RCM is a full-service revenue cycle management company specializing in billing, coding, and analytics for U.S. healthcare providers, including physician practices, laboratories, and ambulatory surgery centers. Vikor Scientific (now rebranded as Vanta Diagnostics) is a biotechnology company specializing in targeted molecular diagnostics for pathogen detection and antibiotic resistance testing. Catalyst provides medical coding and billing services to healthcare-related entities, including Vikor Scientific, KorPath, and Korgene diagnostic laboratories.
UNDER THE RULES OF CERTAIN JURISDICTIONS, THIS WEBSITE MAY CONSTITUTE ATTORNEY ADVERTISING.
