Prominence Health Plan on Friday announced that personal information for a portion of its plan members was accessed in a November 2020 data breach. The locally health insurance provider said it learned of the breach on April 22 of this year and has since been investigating the details.
In a statement, Prominence officials said that a cloud-based data system the company uses was accessed by an unauthorized third party. “Prominence immediately took steps to change the credentials used to access its system, secure the impacted environment, conduct an investigation of what happened, and restore the impacted data from backups.”
The information accessed includes audio recordings from its client call center, PDF files of some provider claim forms and letters to patients with claim approvals or denials. Information within those data sources includes a combination of patient names, birth dates, genders, member ID numbers, mailing addresses and claim codes. Officials at the company also said the nature of the file formats doesn’t made the data easy to compile and use.
Social security numbers and financial information were not involved in the breach. Prominence also said the breach hasn’t impacted member benefits or services. Follow-up monitoring hasn’t shown any actual or attempted use of any of the data accessed, either.
Out of caution, Prominence officials said the company will be sending notification letters to all the clients it served from 2019 to 2020—45,000 in all. However, they said only a portion of plan members’ information was impacted by the breach.
For more information on the breach, plan members can call a dedicated service line set up for the breach. The phone number is (888) 829-6550 and is open Monday – Friday, 6:00 a.m. to 8:00 p.m. Pacific Time, or Saturday – Sunday, 8:00 a.m. to 5:00 p.m. Pacific Time (excluding U.S. national holidays).
Source: Prominence Health Plan