Posted On June 30, 2022 Consumer Privacy & Data Breaches
June 30, 2022 – Benefit Plan Administrators, Inc. (“BPA”) reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the full names, addresses, dates of birth, Social Security numbers, gender classification, claims information, medications information, and medical diagnosis/conditions information of certain individuals was compromised. The number of individuals affected by the BPA data breach has not been released. BPA sent out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Benefit Plan Administrators, Inc., contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Below is a portion of the press release that Benefit Plan Administrators, Inc. posted on their website:
On or about June 15, 2022, Benefit Plan Administrators, Inc. (“BPA”) notified certain individuals about a security incident involving BPA’s network. Specifically, BPA determined that unauthorized access to BPA’s network occurred on or about September 13, 2021. Upon learning of the issue, BPA commenced a prompt and thorough investigation in consultation with outside cybersecurity professionals, which determined that an unauthorized party potentially removed a limited number of files and folders from BPA’s system.
After an extensive forensic investigation, BPA concluded on March 15, 2022 that the files and folders that were potentially removed from BPA’s system contained identifiable protected health information such as full names, addresses, dates of birth, Social Security numbers, gender classification, claims information, medications information, and medical diagnosis/conditions information.
BPA has no evidence that any of the information was or will be misused. However, out of an abundance of caution, BPA notified individuals whose information was included in the impacted files and folders. Notified individuals have been provided with best practices to protect their information, including but not limited to reviewing the explanation of benefits statements they receive from their health insurance providers and following up on any items or services not recognized. BPA has also provided complimentary credit monitoring services to impacted individuals.
The security and privacy of personal information is of the utmost importance. Since the incident, BPA has worked with its Information Technology (“IT”) department to implement additional security measures in an effort to prevent a similar event from occurring in the future.
For individuals who have questions or need additional information regarding this incident, or to determine if they are impacted, BPA has established a dedicated toll-free response line at 855- 604-1843. The response line is available Monday through Friday, 9am to 9pm Eastern.
This notification is being provided on behalf of the following entities to whom BPA is a Business Associate as defined under the Health Insurance Portability and Accountability Act (“HIPAA”):
