Prominence Health Plan Data Breach Impacts up to 45,000 Individuals

The Nevada health insurer Prominence Health Plan has announced it suffered a security breach on November 30, 2020 in which hackers potentially obtained the protected health information of some of its plan members. The data breach was discovered on April 22, 2021 and steps were immediately taken to prevent further unauthorized access, including changing the credentials used by the attacker to gain access to its network.

While Prominence Health Plan has not confirmed whether this was a ransomware attack, all affected plan member data has been restored from backups. The incident involved audio recordings of phone calls to the Prominence call center along with PDF files that included provider claim forms and letters to patients advising them about claim approvals and denials.

The audio files typically included full names, dates of birth, and member ID numbers, while the PDF files contained a member’s name, date of birth, sex, member ID number, mailing address, and claim code. The files included PHI of individuals who had been members between 2010 and 2020. Approximately 45,000 individuals have been affected.

There have been no reported cases of misuse of PHI and the information in the files was not in a readily usable format, which limits the potential for misuse. Prominence is conducting online monitoring for any signs of attempted misuse of the stolen data and affected individuals have been notified and offered complimentary credit monitoring and identity theft protection services. Additional security measures are being implemented to prevent any further data breaches.

Mississippi Center for Advanced Medicine Discloses December 2020 Ransomware Attack

Mississippi Center for Advanced Medicine (MCAM) has started notifying certain patients about a ransomware attack that occurred in December 2020. Hackers gained access to an internal server that contained the protected health information of its patients and encrypted files.

A third-party IT company was engaged to assist with the investigation and determine whether PHI had been accessed or stolen by the attackers. The investigation confirmed on April 26, 2021 that PHI had potentially been compromised, although to date there have been no reports of any misuse of patient data.

The compromised server contained documentation about MCAM programs and services which included names, email addresses, phone numbers, home addresses, dates of birth, Social Security numbers, information to process insurance claims, prescription information such as prescription number, prescribing doctor, medication names and dates, medical histories, and some clinical information, such as whether an influenza test was ordered.

All affected individuals are being notified and additional security measures are being implemented to prevent further attacks.

The HHS’ Office for Civil Rights breach portal shows 9,664 individuals were affected.


Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.