Unauthorized user gained access to 22,500 Hartford HealthCare accounts, DSS says

An “unauthorized third party” gained access to approximately 22,500 Hartford HealthCare-related accounts through Connecticut’s Medicaid provider portal, according to the Connecticut Department of Social Services (DSS) and Gainwell Technologies.

DSS and Gainwell, which provides agent and account administration services for the Connecticut Medicaid program, HUSKY, learned about the incident on March 25 and launched an investigation. They said the user gained access to accounts on the HUSKY provider portal and downloaded files containing patient information.

Their investigation revealed that the unauthorized user accessed the accounts using compromised credentials of Hartford HealthCare employees on March 4.

The information exposed varied by individual but may have included full names, identification numbers associated with Hartford HealthCare accounts or Medicaid claims, dates of medical services, billing and payment information, and non-Medicaid insurance policy and group numbers.

Officials said Social Security numbers and financial account information were not compromised because that data was not stored within the affected system.

DSS and Gainwell said the affected portion of the provider portal was secured immediately after the breach was discovered and that investigators have confirmed the unauthorized party no longer has access to the system.

DSS and Gainwell are beginning to notify people who were affected by the breach today. They are doing so via mail.

Those impacted are also being offered complimentary credit monitoring, identity monitoring, and fraud support services.

Anyone who thinks they may be impacted is asked to call DSS at 1-855-744-4488 for more information.

Source Link