The latest news shows that the HealthEC data breach affected 4.5 million patients. Yes, you read that right, 4.5 million. Your information might have been compromised too, that is why we included some tips and tricks in terms of steps that you can take if you were affected including all the details about the incident!
HealthEC, a company that helps manage health information, recently had a problem. Almost 4.5 million people who used the company’s services had their information exposed in a data breach. This happened between July 14 and 23, 2023, when someone who wasn’t supposed to get in managed to access HealthEC’s computer systems and take some files.
HealthEC data breach: 4.5 million are affected
On December 22, 2023, HealthEC told everyone about this issue on its website. They explained that during those dates in July, a person who wasn’t authorized to be there took some files from their systems. The company also shared that this affected them and 17 other healthcare organizations in the United States that work with HealthEC. They started telling these organizations about the problem on October 26, working together to let the people who might be affected know about it.
As expected, the HealthEC data breach was taken seriously by the company. They informed the police about the data breach and are now looking at their rules and ways of doing things to make sure this doesn’t happen again. In a message to everyone, HealthEC said, “People should be careful and watch out for things like identity theft and fraud.” They suggested keeping an eye on bank statements, healthcare bills, and credit reports for anything unusual.
According to Bleeping Computer, the company didn’t say how many people were impacted when the HealthEC data breach first happened. They only mentioned a smaller number related to one of their clients, MD Valuecare, which was 112,005 people. But when the U.S. Department of Health and Human Services looked into it, they found out that the total number of affected individuals is much bigger: 4,452,782.
Stolen data types
An investigation finished on October 24, 2023, and found out what information the person who broke in took, said Bleeping Computer. The stolen data in the HealthEC data breach incident includes:
- Dates of Birth
- Social Security Numbers
- Taxpayer Identification Numbers
- Medical Record Numbers
- Medical Information (like diagnosis, physical or mental condition, and prescription details)
- Health Insurance Information (like beneficiary number and Medicaid/Medicare identification)
- Billing and Claims Information (like patient account number and treatment cost details)
What to do if you are affected?
If you’re one of the people whose information was exposed, HealthEC suggests doing a few things to protect yourself from bad things like identity theft:
- Keep checking your bank statements for anything strange. Look for any transactions you didn’t make.
- Ask for a free report that shows your credit activity to make sure there’s nothing suspicious. You’re entitled to get a free credit report every year.
- Think about adding a special note on your credit file that warns about possible fraud. This is called a “fraud alert,” and it can make it harder for someone to open accounts in your name.
- Consider freezing your credit. This means that nobody can access your credit report without your permission, making it difficult for anyone to open new accounts in your name.
- Change your passwords for important accounts. If someone has your personal information, they might try to access your email, bank accounts, or other online services.
- Be cautious about phishing attempts. Watch out for emails or messages that seem suspicious and could be trying to get more information from you.
- Contact your healthcare provider and insurance company. Let them know about the breach so they can keep an extra eye on your accounts and information.
Featured image credit: National Cancer Institute/Unsplash