Subj : Millions of customers affected by WebTPA data breach
To   : All
From : TechnologyDaily
Date : Mon May 20 2024 17:15:05

Millions of customers affected by WebTPA data breach

Date:
Mon, 20 May 2024 16:00:01 +0000

Description:
Data breach in 2023 affected more than two million people, with plenty of 
sensitive data had been taken.

FULL STORY
======================================================================

We now know exactly how many people are affected by the WebTPA data breach 
that was discovered late last year - 2,429,175. 

The hackers who infiltrated WebTPAs infrastructure stole peoples full names, 
contact information, birth dates (and death dates, where applicable), Social 
Security Numbers (SSN), and insurance information - a treasure trove of 
valuable data that can be abused in identity theft , social engineering 
attacks, phishing, and more. 

The company confirmed the news in a short announcement published on the 
companys website, BleepingComputer reported, adding that financial account 
information, credit card numbers, medical treatment, and diagnostic 
information have not been exposed. Defending the premises 

WebTPA is a third-party administrator (TPA) that provides administrative 
services for health plans and insurance companies. The company manages 
different functions for the plans, such as processing claims, managing 
enrollment, handling customer service, and providing reporting and analytics. 
Some of the impacted people, the publication further explained, are customers 
at large insurance companies such as The Hartford, Transamerica, and Gerber 
Life Insurance. 

The company is a subsidiary of GuideWell Mutual Holding Corporation, and 
earns more than $100 million in revenue a year. It has more than 18,000 
employees. 

The data breach happened on April 18, 2023, with unidentified threat actors 
lurking on the companys IT infrastructure until April 23 of the same year. 
During that time, they exfiltrated the sensitive data and disappeared. 
Roughly half a year later, on December 28, the company found evidence of data 
tampering and launched an investigation. 

The investigation concluded that the unauthorized actor may have obtained 
personal information between April 18 and April 23, 2023, WebTPA said. 

Affected customers were notified in early May this year, and were offered two 
years of free credit and identity theft monitoring, as well as fraud 
consultation, through Kroll. So far, there is no evidence of the data being 
misused anywhere. More from TechRadar Pro Microsoft wants to take any MFA and 
2FA worries out of your hands Here's a list of the best firewalls today These 
are the best endpoint protection tools right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/millions-of-customers-affected-by-webtp
a-data-breach


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.