AlohaCare Notifies 12,982 of Recent MOVEit-Related Data Breach

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

On November 3, 2023, AlohaCare filed a notice of data breach with the Attorney General of Maine after confirming that a vulnerability in the file-transfer program MOVEit resulted in confidential patient information being accessible to an unauthorized party. In this notice, AlohaCare explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, addresses and dates of birth. Upon completing its investigation, AlohaCare began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you receive a data breach notification from AlohaCare, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the AlohaCare data breach. For more information, please see our recent piece on the topic here.

What Caused the Data Breach Affecting AlohaCare?

The AlohaCare data breach was only recently announced, and more information is expected in the near future. However, AlohaCare’s filing with the Attorney General of Maine provides some important information on what led up to the breach. According to this source, on May 31, 2023, AlohaCare learned that it was impacted by a cybersecurity incident involving MOVEit, a file-transfer application created by Progress Software.

On May 31, 2023, Progress Software announced a previously unknown and critical vulnerability within MOVEit. This vulnerability allowed unauthorized actors to access companies’ MOVEit servers, including AlohaCare.

In response to learning about the MOVEit vulnerability, AlohaCare hired a team of cybersecurity experts to assist with the company’s investigation. This investigation confirmed that patient information was subject to unauthorized access.

After learning that sensitive consumer data was accessible to an unauthorized party, AlohaCare reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, address and date of birth.

On November 3, 2023, AlohaCare sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About AlohaCare

Established in 1994, AlohaCare is a non-profit health plan which operates out of Honolulu, Hawaii. AlohaCare provides coverage to 65,000 Medicaid and Medicaid/Medicare dual-eligible health plan members living on Oahu, Kauai, Molokai, Lanai, Maui and Hawaii Island. AlohaCare is the third-largest health plan in Hawaii. AlohaCare employs more than 300 people and generates approximately $264 million in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide