Breach, Data Security

Illinois insurer says software error resulted in data exposure

Illinois-based Trustmark Mutual Holding Company is notifying an undisclosed number of individuals that a software error resulted in emails containing their personal information being sent to the wrong insurance carrier clients.

How many victims? Undisclosed.

What type of personal information? Names, Social Security numbers, and payroll deduction information.

What happened? A software error resulted in emails containing personal information being sent to the wrong insurance carrier clients.

What was the response? Trustmark contacted each insurance carrier recipient and requested confirmation that the emails and the attachments had been permanently deleted. The software error that caused the incident has been identified and corrected, and safeguards have been implemented to ensure a similar incident does not occur again. All potentially impacted individuals are being notified, and offered identity protection services for two years.

Details: Trustmark provides consolidated billing services for other insurance carriers, and on May 13 its automated billing email system generated and sent encrypted emails to certain insurance carrier clients. Each email should have contained a single file with information related to each carrier's insureds, but on May 14, Trustmark discovered that a software error resulted in each carrier receiving file attachments for all of the carriers.

Quote: “We believe the risk of misuse of your information is low, but we are providing this notice to you in an abundance of caution,” a notification letter said.

Source: doj.nh.gov, “Notice of Data Event,” June 22, 2015.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.