Ransomware ⛓ Supply Chain

HIPAA Journal

📅 2024-04-10 🏢 Young Consulting (Connexure) medical stop-loss insurance software 🦠 BlackSuit ransomware
Primary Source ↗

Incident Details

Young Consulting (also known as Connexure), an Atlanta-based software solutions provider for medical stop-loss insurance organizations, suffered a BlackSuit ransomware attack between April 10 and April 13, 2024. The company detected the attack on April 13 when it experienced technical difficulties. BlackSuit claimed responsibility on May 7, 2024, posting 324 GB of stolen data on its leak site after the company refused to negotiate. Over 1 million individuals were ultimately affected (initially disclosed as 954,177, later revised to 1,071,336 by 2025). Stolen data included names, Social Security numbers, dates of birth, and insurance policy/claim information. Downstream victims include Blue Shield of California members and other medical stop-loss insurance policyholders. This is a third-party/supply-chain breach affecting healthcare insurance customers.

Technical Details

Initial Attack Vector: CWE-284: Improper Access Control
Vendor / Product: Young Consulting (Connexure) medical stop-loss insurance software
Malware Family: BlackSuit ransomware
Supply Chain Attack: ✅ Confirmed third-party / vendor compromise

Timeline

  1. 2024-04-10 Breach occurred
  2. 2024-08-01 Publicly disclosed
  3. 2024-08-01 Customers notified