Breach blamed on Russian-linked hackers exposes San Jose healthcare group’s sensitive data

In a widescale data breach, the personal information of more than a quarter million South Bay patients who rely on the state’s affordable health insurance plan may have been exposed through a San Jose-based Medi-Cal provider hit by a nationwide cyber attack.

Santa Clara Family Health Plan said Monday that the sensitive information of 276,993 members — including names, contact information, dates of birth, member IDs and Medi-Cal credentials — may be compromised.

The incident is part of a larger breach of more than 130 organizations across the country, according to a February report by the cyber security division of the U.S. Department of Health and Human Services. Officials believe a Russia-linked ransomware group dubbed “Clop” may be responsible, though no definitive evidence has come to light, the Health Sector Cybersecurity Coordination Center said.

In response to the latest breach, the San Jose healthcare group is urging its members to be on the alert for evidence of identity theft and financial fraud. Its members are now entitled to a free credit monitoring service for two years.

Established in 1997, the health plan serves as Santa Clara County’s local provider for the state’s version of Medicaid to over 320,000 residents. The service offers health insurance plans for low-income Californians at little to no cost in one of the nation’s most expensive areas.

The state’s attorney general did not respond to a request for comment. California law requires the attorney general to be notified of any data breach affecting over 500 people.

The attack against the San Jose group was first discovered on Jan. 30 by Fortra, a cybersecurity company that provides a software service to allow SCFHP to securely exchange digital information with a third-party vendor. That vendor, NationsBenefits, said it learned about the data compromise on Feb. 7.

The health plan was notified on Feb. 22 — and mailed a letter dated April 21 to affected members. Other healthcare companies impacted by the cyberattack had their members’ Social Security numbers stolen, though SCFHP officials say that specific information wasn’t stolen in this case.

“I've experienced plenty of nervousness about it,” said Christina Silva, a plan member who received the April letter notifying her that her personal data may have been stolen. Over the past few days, Silva has scrambled to ensure her information has not been misused. She accused the health plan of responding too slowly to the matter with vague language.

“Has any of this data been used?” asked Silva, whose 14-year-old son is also on the plan. “It's plenty of uncertainty.”

When asked why it waited for nearly a month to notify its members about the incident, the healthcare provider stated in a written response to the Bay Area News Group that it had worked with its vendor NationsBenefits “as quickly as possible to identify impacted members and prepare and mail the notices in compliance with all regulatory and legal obligations.”

The incident comes just months after Oakland experienced a vicious cyberattack where hundreds of gigabytes of city personnel data were hacked and posted on the dark web, a portion of the internet that requires a special web browser to access. Authorities blamed that incident on an “unauthorized third party.”

Santa Clara Family Health Plan offices in San Jose, Calif., on Monday, May 1, 2023. (Nhat V. Meyer/Bay Area News Group)

Sarah Powazek, who directs a cybersecurity academic program at UC Berkeley, said healthcare data is “particularly sensitive” because full names and dates of birth cannot be changed. But she said the plan’s members don’t need to be overly concerned.

“Identity theft is a particular concern when sensitive financial information is leaked, such as credit card information or Social Security numbers,” she wrote. “In this case, identity theft may be less of a concern than the privacy risks of having full names, DOBs, and contact info leaked.”

She encouraged those affected by the breach to quickly change their Medi-Cal passwords to prevent unauthorized access to their healthcare information. “The Bay Area is still reeling from the recent ransomware attack on the City of Oakland, and it seems almost a weekly occurrence that a company is hacked and extorted for ransom by cybercriminals,” she said.

According to federal cyber officials, the hacker group “Clop” has been active since 2019 and is one of the “most profitable” ransomware actors of the past few years. It was responsible for nearly 1,000 attacks on healthcare infrastructure in 2021 — and in June of that year, six individuals linked to the group living in Ukraine were arrested. The same officials say hospitals are particularly vulnerable to attack because of their weak digital security measures.

“Clop’s alleged attack this year only further exacerbates an ever-growing trend to target the healthcare industry, and highlights its vulnerabilities to future cyberattacks,” the February report by the U.S. Department of Health and Human Services states.
