Chord Specialty Dental Partners Data Breach Exposes Customer Information

A data breach at Chord Specialty Dental Partners, also known as CDHA Management, LLC and Spark DSO, LLC, has compromised the sensitive personal and health information of over 170,000 individuals.

The breach has raised serious concerns about the security of protected health information (PHI) and other personal data entrusted to the organization.

Details of the Breach

The breach was discovered on March 14, 2025, when Chord identified suspicious activity involving an employee’s email account.

A subsequent investigation revealed that unauthorized access to multiple email accounts occurred between August 19, 2024, and September 25, 2024.

These accounts contained sensitive information such as:

• Names and addresses
• Social Security numbers (SSNs)
• Driver’s license numbers
• Bank account and payment card details
• Dates of birth
• Medical records and health insurance information

The breach notification filed with the Department of Health and Human Services (HHS) confirmed that 173,430 individuals were affected.

While Chord stated there is no direct evidence of fraudulent misuse of the compromised data, it could not rule out the possibility of such misuse in the future.

Response Measures

Upon discovering the breach, Chord immediately secured the impacted accounts and engaged third-party cybersecurity specialists to assess the scope of the incident.

Affected individuals have been offered credit monitoring and identity protection services to mitigate potential risks from identity theft or financial fraud.

Notifications were sent to impacted individuals in March.

Legal Investigation Underway

Levi & Korsinsky, LLP, a prominent consumer advocacy law firm with expertise in data breach litigation, has launched an investigation into this incident.

The firm is examining whether affected individuals are entitled to compensation for potential damages caused by Chord’s failure to adequately safeguard their data.

According to the law firm, companies that fail to secure personal data can be held liable for resulting harm under privacy laws.

Levi & Korsinsky operates on a contingency basis, meaning they will only receive payment if compensation is awarded to victims.

Impacted individuals who received a breach notification letter are encouraged to contact the firm for a free case evaluation.

Broader Implications

Healthcare organizations like Chord Specialty Dental Partners are frequent targets for cyberattacks due to the high value of PHI on the black market.

This incident highlights vulnerabilities in email security systems and underscores the importance of robust cybersecurity measures such as:

• Regular employee training on phishing threats
• Multi-factor authentication (MFA) for email accounts
• Periodic audits of access controls
• Encryption of sensitive data at rest and in transit

The healthcare sector has seen a surge in similar breaches recently. For example, Numotion, a wheelchair provider, reported a breach affecting nearly 500,000 individuals earlier this year.

What Should Affected Individuals Do?

If you received a notification letter from Chord Specialty Dental Partners:

1. Enroll in Credit Monitoring Services: Take advantage of the free identity protection services offered by Chord.
2. Monitor Financial Accounts: Watch for unauthorized transactions or unusual activity.
3. File a Claim: Contact Levi & Korsinsky or another legal firm specializing in data breaches to explore potential compensation options.
4. Place Fraud Alerts or Credit Freezes: Consider additional protective measures with credit bureaus.

This incident serves as a stark reminder that even trusted organizations can fall victim to cyberattacks.

As investigations continue, both affected individuals and industry stakeholders will be watching closely for outcomes that could shape future data security practices and legal accountability in healthcare.

For more information about this case or to determine eligibility for compensation, visit Levi & Korsinsky’s website or consult their consumer advocacy team directly.

Also Read: