Criminal fraud data breach affects 5,300 Healthfirst members

New York-based payer Healthfirst is notifying members of a data breach affecting the protected health information of approximately 5,300 members that stemmed from a criminal fraud scheme.

The Department of Justice notified Healthfirst May 27 that an individual may have stolen PHI of Healthfirst members through the payer's online portal between April 11, 2012 and March 26, 2014.

No Social Security numbers or credit card information has been affected, according to the payer.

In 2013, Healthfirst discovered it was the victim of fraud and notified the DOJ, which resulted in an investigation in which the perpetrator was charged with fraud. During this investigation, the DOJ determined the perpetrator potentially obtained PHI on Healthfirst members, according to a statement from the payer.

"Healthfirst sincerely regrets that this incident occurred. Healthfirst takes the privacy and security of its members' health information very seriously. Healthfirst values the trust its members have placed in it as their health plan and it is Healthfirst's priority to reassure its members that it is taking steps to ensure its members' information is protected," according to the statement.

More articles on data breaches:

7 states update data breach notification laws in 2015
Patient files class-action lawsuit against UCLA Health over data breach
Cybersecurity startups benefit from more frequent healthcare data breaches

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Content

Featured Webinars

Featured Whitepapers