DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Data breach affects almost 400,000 Community Health Plan members (UPDATE2)

Posted on December 21, 2016 by Dissent

Bob Young reports:

Almost 400,000 current and former members of the Community Health Plan of Washington have had personal information, including Social Security numbers, exposed in a data breach.

The nonprofit, which provides health insurance through Medicaid in Washington, is sending letters to 381,534 individuals Wednesday notifying them of the invasion and steps they can take to protect themselves with help from Community Health Plan of Washington.

Read more on The Seattle Times. The incident appears to involve an unnamed business associate/vendor that is a subsidiary of NTT Data.

UPDATE: It appears that this breach is yet another caused by a public FTP server, and that it was discovered by a security researcher who reported it to them. Interesting that the reporting says “invasion,” and I’ll be interested to see how the covered entity explains this breach to its members. In the meantime, I’m changing the tags on this incident from “hack” to “exposure.”

UPDATE 2: And now we know the name of the BA: Transaction Applications Group Inc., doing business as NTT Data, who processes claims for CHPW. Read more on GovInfoSecurity. It sounds like CHPW may be building a case of hacking against the researcher.

Related posts:

  • IL: Trial in doubt for medical ID theft case
Category: ExposureHealth DataOf NoteSubcontractorU.S.

Post navigation

← Data Breach Plaintiffs’ Allegations Sufficient for Standing in Employee’s Suit Against CareCentrix
University of Nebraska-Lincoln notifies 30,000 of breach that may have occurred two years ago →

2 thoughts on “Data breach affects almost 400,000 Community Health Plan members (UPDATE2)”

  1. Anonymous says:
    December 28, 2016 at 5:43 pm

    CHPW blames NTT Data, a subsidiary of Nippon Telegraph and Telephone.
    CHPW says they reported breach to HHS.
    But wall of shame does not list it.
    Except that the Peachtree Orthopaedics breach has the same size and was reported a few days earlier.
    And newspaper accounts in Atlanta say that breach involved a ransom demand.

    But Justin S says he noticed the records were available to all in in unsecured anonymous FTP server.

    Was this an instance of careless, ransom, or state-sponsored? (Could be all three)

    Anyone know what gives here?

    1. Dissent says:
      December 28, 2016 at 5:57 pm

      1. HHS is often a tad slow in showing breach reports they’ve received – sometimes by weeks. Be patient, it will show up.
      2. Peachtree Orthopedics was reported to HHS on November 18, after they confirmed it 9/22. CHPW first learned of their breach on Nov. 7. They didn’t report it to HHS until around Dec. 18.
      3. There’s lots of coverage on my site about the Peachtree hack and ransom demands, beginning in August when I first suspected they were a victim. Media in Atlanta were slow to report what my readers knew months ago.
      4. The CHPW appears to be human error by the vendor/BA.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.