Celebrating
30 Years Of Practice.

Catalyst RCM Data Breach Investigation

On Behalf of | Feb 16, 2026 | Firm News |

Catalyst RCM (“Catalyst”) is a revenue cycle management company offering medical billing, coding, and business analytics solutions to healthcare providers. It recently experienced a hacking incident exposing sensitive data provided to Catalyst by its customers, including Viktor Scientific (Vanta Diagnostics), Korgene, and KorPath.

On or around November 13, 2025, Catalyst learned of suspicious activity within its network. An internal investigation revealed that an unauthorized entity accessed a Catalyst server from November 8, 2025 to November 9, 2025. During that period, the unauthorized entity copied files containing Personally Identifiable Information (“PII”) and Protected Health Information (“PHI”) belonging to patients of Catalyst clients. Impacted PII and PHI included names, dates of birth, payment card information with access codes, medical treatment, history, and diagnosis information, and health insurance information.

If you or someone you know receives a notification letter about the data breach and would like additional information about your legal rights, you can contact Goldenberg Schneider, LPA by calling 513-982-1569, sending an email to or completing the “Contact Us” form to the right.

Contact Us