The WebTPA Employer Companies (WebTPA) knowledge breach disclosed earlier this month is impacting near 2.5 million people, the U.S. Division of Well being and Human Companies notes.
Among the impacted individuals are clients at giant insurance coverage firms corresponding to The Hartford, Transamerica, and Gerber Life Insurance coverage.
WebTPA is a GuideWell Mutual Holding Company subsidiary and a third-party administrator (TPA) that gives custom-made administrative companies to well being plans and insurance coverage firms. It employs 18,000 individuals and generates $103 million in annual income.
The breach occurred final 12 months however it was found final December, when the corporate discovered proof of suspicious exercise on its community.
A latest replace on the U.S. Division of Well being and Human Companies knowledge breach portal exhibits that the variety of affected people is 2,429,175.
In accordance with the notification on WebTPA’s web site, the risk actor had entry to non-public knowledge for 5 days, between April 18 and April 23, 2023. Nonetheless, WebTPA found the breach solely in late December and instantly launched an investigation.
“On December 28, 2023, we detected evidence of suspicious activity on the WebTPA network that prompted us to launch an investigation,” reads the announcement.
“The investigation concluded that the unauthorized actor may have obtained personal information between April 18 and April 23, 2023,” WebTPA notes.
WebTPA knowledgeable profit plan suppliers and insurance coverage firms of the info breach on March 25, 2024. The corporate despatched notices to affected people on Might 8, 2024, informing that the next forms of knowledge had been uncovered:
- Full title
- Contact info
- Date of beginning (and dying the place relevant)
- Social Safety Quantity (SSN)
- Insurance coverage info
The investigation revealed that monetary account info, bank card numbers, medical remedy, and diagnostic info haven’t been uncovered to unauthorized entry.
A number of well being plan and insurance coverage organizations have revealed notifications saying that the WebTPA knowledge breach has impacted a few of their clients.
Among the many firms with clients affected by the WebTPA breach are Dean Well being Plan, APA Voluntary Supplemental Medical Plan, The Hartford (Essential Sickness, Hospital Indemnity, Accident, Medicare Complement and Tricare merchandise), Transamerica, and Gerber Life Insurance coverage.
Within the knowledge breach notification, WebTPA has included directions on how you can enroll for 2 years of credit score monitoring, identification theft safety, and fraud session companies by way of Kroll, which is feasible till August 1st.
Though WebTPA says it’s not conscious of any instances of misuse of the uncovered knowledge, affected people ought to stay vigilant for communications from potential fraudsters and chorus from sharing any private or monetary info in such instances.
Additionally it is advisable to evaluate credit score stories rigorously and contemplate inserting a safety freeze on credit score information to mitigate fraud dangers.
