Upland, California – February 3, 2026 – MedRevenu, LLC (“MedRevenu”), a company that provides billing

services to health care provider organizations, will be notifying certain individuals that their personal information

may have been exposed. MedRevenu takes the privacy and security of information in its possession very seriously

and sincerely apologizes for any inconvenience this incident may cause. This notice is intended to alert potentially

impacted individuals of the incident, steps we are taking in response, and resources available to assist and protect

individuals.

What Happened MedRevenu experienced a network disruption on or about December 12, 2024. After

discovering the incident, third-party forensic specialists were engaged to assist with securing the environment and

investigating the extent of any unauthorized activity. After a forensic investigation and extensive electronic

discovery, which concluded on October 21, 2025, it was determined that the unauthorized third party may have

acquired certain personal information as a result of this incident. MedRevenu, as the Business Associate, then

provided notification to covered entities on or about December 5, 2025, including an offer to notify potentially

impacted patients on the behalf of the covered entities. MedRevenu is providing written notice to potentially

impacted individuals. MedRevenu has no reason to believe that any individual’s information has been

misused as a result of this event. As of this writing, MedRevenu has not received any reports of misuse of

information and/or related identity theft since the date of incident.

What Information Was Involved Again, we found no evidence that patient information has been specifically

misused. However, the following information was potentially exposed to an unauthorized third party: name, date

of birth, social security number, driver’s license number, government identification number, health insurance and

medical information, financial account number, payment card number, and access information. Notably, the

types of information affected may be different for each individual, and not every individual had all of the

above listed elements exposed.

What We Are Doing Data security is one of our highest priorities. Upon detecting this incident we moved

quickly to initiate a response, which included conducting an investigation with the assistance of IT specialists and

confirming the security of our network environment. We are also reviewing technical safeguards and looking into

enhancements to prevent a similar incident.

The notification letter to the potentially impacted individuals includes steps that they can take to protect their

information. In order to address any concerns and mitigate any exposure or risk of harm following this incident,

MedRevenu has arranged for complimentary credit monitoring services and identity theft protection services to

potentially impacted individuals at no cost to them for a period of twelve months. MedRevenu recommends that

individuals enroll in the services provided and follow the recommendations contained within the notification letter

to ensure their information is protected.

For More Information For individuals seeking more information or questions about this incident, please call 1-

833-996-3692, Monday through Friday, from 8:00 a.m. to 8:00 p.m. Eastern Time, excluding holidays.

Thank you for entrusting MedRevenu with your healthcare needs. We value the security of the personal data that

we maintain, and understand the frustration, concern, and inconvenience that this incident may have caused. We

look forward to continuing to provide high quality care to the MedRevenu community.