On April 4, SEIU 775 Benefits Group in Washington experienced abnormal activity in their system and started investigating. Their investigation revealed that an unauthorized individual had gained access to their systems and had deleted some files with personal and protected health information in the process.
There was no evidence, however, that the unauthorized individual had otherwise accessed, downloaded, or exfiltrated any files.
In a letter signed by Abby Solomon, CEO of SEIU 775 Benefits Group, she noted that there was no evidence of any misuse of the information, but they are offering those affected services with Kroll.
The types of data that may have been involved for individuals included demographic information, such as name, address, and Social Security number, as well as, potentially, health plan eligibility or enrollment information.
The notification does not state what the impact of the deleted files might be and whether they have backups for the deleted files. One hundred and forty thousand people have been notified of this incident.
The full notification letter can be found below.
Final SEIU 775 Benefits Group Ad r2prf