More than 120,000 patients notified by HAP that they are possibly impacted by the Wolverine Breach
More than 120,000 patients notified by Health Alliance Plan (HAP) that their personal as well as medical data was possibly breached by a ransomware attack on Wolverine Solutions Group (WSG), their third-party vendor, in September 2018.
As per the notice of Wolverine, the vendor became victim of a ransomware attack on Sep. 25, 2018. The malware then encrypted many of vendor's records, thus making those files inaccessible. Soon after, an investigation has been launched; and the forensics experts started process of decrypting as well as restoring those files on Oct. 3, 2018.
The compromised data comprised patient names, dates of birth, addresses, Social Security numbers, phone numbers, medical data, and insurance contact details along with numbers. The investigation also couldn't rule out the data exfiltration.
However, HAP said in a statement on Tuesday (i.e. on March 5, 2019) that the incident might have exposed the customers' names, dates of birth, addresses, member identification numbers, patient identification numbers, healthcare provider names, and claim information like the payment amounts and service codes. It suggested that
WSG notified HAP about this incident on November 28, 2018, but the company has been uncertain until early February about the extent of this breach and the data that was most likely got compromised, said a HAP spokeswoman.
"HAP takes its responsibility to protect our members' information very seriously," said HAP officials in a statement. "We sincerely apologize this happened to our members. Wolverine Solutions Group has issued an apology to HAP and our impacted members". HAP officials added that WSG said it has not heard that the information has been used for inappropriate purpose, and has been offering free identity as well as monitoring services for 12 months to all of them who are affected.
As per a HAP spokeswoman, all in all 120,344 HAP customers might have been affected. Moreover, any HAP member having questions regarding the breach can call at 877-412-7152 for further information.
Most critical programs of Wolverine were restored by Oct. 25, 2018, and the critical operations become operational by Nov. 5, 2018. However, the officials said that between November and early February they are still trying to determine the kind of data that is infected by this malware, specific patients involved and impacted clients.
» SPAMfighter News - 3/18/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!