Healthfirst suffers data breach due to cyber attack

July 29th, 2015 by admin Leave a reply »

Healthfirst’s online portal was attacked by cyber criminals. The health insurance company is notifying approximately 5,300 individuals that their PHI may have been compromised.  No Social Security information was disclosed in the data breach.

Healthfirst was first informed that it was a victim of fraud by the US Department of Justice (DOJ) and from there prosecuted the perpetrator and continued a joint investigation with the DOJ. After the investigation, the two organizations discovered that the culprit who also gained access to Healthfirst records, and that a PHI data breach had occurred.

Affected information includes patient names, dates of birth, addresses, health insurance plan information, description of missing services, physician numbers, Healthfirst member ID numbers, patient ID numbers, Medicare and Medicaid ID numbers, claim numbers, and diagnosis codes.

Healthfirst also notified the proper government channels such as the US Department of Health and Human Services (HHS).  Healthfirst is also taking preventative measures to keep this from happening in the future which includes revising its security policies and its online portal securities.

According to the statement:

“Healthfirst sincerely regrets that this incident occurred,” the company said in its statement. “Healthfirst takes the privacy and security of its members’ health information very seriously. Healthfirst values the trust its members have placed in it as their health plan and it is Healthfirst’s priority to reassure its members that it is taking steps to ensure its members’ information is protected.”

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Leave a Reply