CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Data Breaches

2.4 Million Impacted by WebTPA Data Breach

Health insurance firm WebTPA says the personal information of 2.4 million individuals was compromised in a data breach. The post 2.4 Million Impacted by WebTPA Data Breach appeared first on SecurityWeek.

WebTPA Employer Services has disclosed a data breach impacting the personal information of more than 2.4 million individuals.

Based out of Irving, Texas, and a wholly owned subsidiary of GuideWell Mutual Holding Corporation, WebTPA is a third-party administrator (TPA) specializing in health insurance and benefits plans.

The cyber incident, WebTPA says in a notice on its website, was discovered on December 28, 2023, after detecting evidence of suspicious activity on its network.

The investigation into the matter revealed that a threat actor stole personal information from its systems between April 18 and April 23, 2023, including names, contact info, dates of birth, dates of death, insurance information, and Social Security numbers.

According to the TPA, the exposed data differs by individual. Financial information, credit card numbers, and health and medical information was not affected by the incident.

“WebTPA promptly informed benefit plans and insurance companies about the incident and the potential exposure of personal information. WebTPA then diligently worked to confirm the extent of impacted data, which we provided to benefit plans and insurance companies on March 25, 2024,” the company says.

The company has strengthened the security of its network and is providing the impacted individuals with two years of free identity monitoring services.

WebTPA has notified the relevant authorities of the incident, and informed the US Department of Health and Human Services on May 8 that the personal information of 2,429,175 individuals was compromised in the incident.

The company started sending written notifications to the affected individuals in April, and has submitted copies of the letters to the relevant authorities across states, including those in California, Massachusetts, and South Carolina.

While WebTPA’s notice does not share information on the affected clients, organizations such as Allied Pilots Association, Dean Health Plan, Gerber Life Insurance Company, The Hartford Insurance, and Transamerica Life Insurance Company are confirmed to have been affected.

Starting April 11, several law firms have announced investigations into the data breach on behalf of the impacted individuals, and several lawsuits have been filed against WebTPA in the Northern District of Texas.

Related: MediSecure Data Breach Impacts Patient and Healthcare Provider Information

Related: Nissan Data Breach Impacts 53,000 Employees

Related: 900k Impacted by Data Breach at Mississippi Healthcare Provider

Latest News

CYBERNEWSMEDIAPublisher