Update: Hackers hit SCAN Health Plan, breach data of nearly 90,000 patients

The health insurance company said an unauthorized party gained access to its sales contact sheets and exposed, in some instances, medical data, Social Security numbers and health notes.
By Jessica Davis
11:09 AM
Share

Long Beach, California-based SCAN Health Plan reported its contact sheets' system had been breached by an unauthorized party, which exposed the data from its members and some non-plan members who provided their personal information to its sales team.

Hackers were able to gain access to names, addresses and phone numbers of contact sheets used for sales purposes, and in some instances, Social Security numbers, health notes, doctor information, medication names and dates of birth were breached.

The breach occurred between March and June 2016 and was first observed on June 27, 2016. Officials are unsure of how many of its records were accessed, according to California public radio station, KPCC.

[Also: Hacker puts source code of HL7 software vendor PilotFish on dark web]

While the company found no evidence the access information was fraudulently used, all affected members have been contacted via mail. SCAN will provide identity protection services for one year to its current, prospective and former plan members, including identity repair and credit monitoring.

Members are encouraged to check their benefits statements clearly to ensure it hasn't been improperly used, according to the SCAN's website. The company also suggests members closely monitor credit reports.

The company also notified the U.S. Department of Health and Human Services, the Centers for Medicare & Medicaid Services and state regulators about the breach.

"Based on our investigation to date, there were approximately 87,000 individuals affected. Of that number fewer than half are current SCAN members," SCAN spokesperson Ross Goldberg said. "Further, based on our investigation, fewer than 500 Social Security numbers were potentially exposed."

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com


Like Healthcare IT News on Facebook and LinkedIn