Dominion National, health insurance provider based in Delaware, announced a privacy data breach last June 21, 2019. The press release indicates that the company might have experience the leak since August 2010. News sites report that as many as 95,000 people became affected by the privacy data breach.
The 9-year-old security incident reportedly dates to August 25, 2010, states the company in its press release. However, the company only became aware of the incident this year, April 24, 2019.
The company failed to disclose the reason for the breach.
Bank Info Security states that the breach has taken quite a long time to contain. Despite the longer assessment and containment period associated with breaches, the nine-year period shows a lack of efficiency.
Clyde Hewitt states that the case “strongly suggests that they may not have been performing comprehensive security audits or performing system activity reviews.” Hewitt is an executive adviser at CynergisTek, a security consulting firm.
Thousands of individuals remain affected by the Delaware incident. Of these, the compromised information included the personal information of the citizens. These include the names, addresses, Social Security numbers, and bank account information, note Yahoo! News.
The compromised information “may include enrolment and demographic information for current and former members of Dominion National and Avalon vision.” Besides these, dates of birth, taxpayer identification numbers, routing numbers, member ID numbers, and subscriber details may have gotten out.
The information mined through unauthorized user access varies from one person to another.
Despite the potentially mined details, Dominion National maintains that unauthorized users did not “access, acquired or misused” the said information.
The dental and vision insurer quickly moved to “clean the affected servers and implement enhanced monitoring and alerting software.” The company also worked with security experts and the Federal Bureau of Investigation following the incident.
To prevent similar attacks from happening in the future, Dominion National has taken extensive steps. These include employing credit monitoring facilities as well as fraud protection services into its system. These services are available through complementary assistance via ID Experts MYIDCare.
Starting June 21, 2019, the insurer also started notifying the affected individuals.
Affected or concerned individuals are asked to contact the incident response hotline at 877-503-8923. Meanwhile, the company asks TTY/TDD users to call at 844-261-6819. These lines are open from Mondays to Fridays, from 8 a.m. to 8 p.m.