Letters are going out to 381,534 individuals affected by the breach.
Letters are going out to 381,534 individuals affected by the breach.

Personal information, including Social Security numbers, were compromised in a recent data breach of Community Health Plan of Washington, the insurance arm of 19 community health centers in Washington state. 

How many victims? Nearly 400,000 current and former members.

What type of information? Names, addresses, dates of birth, Social Security numbers and health-claims information. A spokesperson at the firm said notes that health providers make after patient visits were not included in the purloined data.

What happened? On Nov. 7, an unidentified caller notified the nonprofit agency – which provides health insurance through Medicaid in Washington – that there was a vulnerability in the computer network of the firm that provides the organization with tech services. That firm, a subsidiary of NTT Data, said upon notification it took immediate steps to identify the flaw and eliminate it.

What was the response? The company is sending letters to 381,534 individuals alerting them to the compromise. The organization hired cybersecurity firm Kroll to assist customers in steps to take should they be impacted by identity theft. The company began a forensics investigation on Nov. 30 and notified the FBI and state regulators, including the Office of the Insurance Commissioner. It also set up a call center and members can register for a year of free credit monitoring.

Source: The Seattle Times.