In October, Access Health CT discovered that an employee’s email account had been compromised by an unauthorized third party. IT staff noticed that a “large volume of spam” was being sent from the affected email account.
A limited number of Social Security numbers may have been affected. Access Health CT said that affected members could be those who purchased health plans last year.
Members should be on the lookout for an orange envelop for information on how to enroll in free credit monitoring. Since the incident, Access Health CT has implemented phishing security training for employees and new security protocols.
“Access Health CT takes the privacy and security of consumers’ personal information seriously, and it is making this public notice in an abundance of caution,” said CEO James Michel in a statement to the Hartford Courant. “We apologize for any inconvenience to consumers and we remain steadfast in our commitment to keep our consumers’ best interest as our number one priority.”
More articles on cybersecurity:
Health systems should update computer systems in wake of Iran tensions, H-ISAC says
3 cybersecurity predictions for 2020
Former NYC hospital employee pleads guilty to hacking coworkers’ emails
