Reading:
Community Health Plan of Washington hit by a data breach
Share:
data breaches

Community Health Plan of Washington hit by a data breach

Our quick and easy process allows you to start your data breach claim - sign-up today to claim potentially thousands in compensation.

Get A Call Back Today

We specialise in representing victims for data breach compensation claims.

Information on how we handle your data is available in our Privacy Policy.

The Community Health Plan of Washington (CHPW) – provider of health insurance in Washington – issued a press release on the 21st of December concerning a data breach that may have affected up to 400,000 current and former members of the organisation.

This is yet another large data leak involving a healthcare sector – usually the biggest culprits in terms of data leaks, which is made worse by the sensitive nature of the data that can be breached.

The data breach may have exposed personal information which includes:

  • Names;
  • Addresses;
  • Dates of Birth;
  • Social Security Numbers; and
  • “coding information relating to health care claims”.

Within the press release, it’s reported that they were made aware of the breach on the 7th of November. They said they immediately informed the FBI and several state regulators, including the Washington Office of the Insurance Commission and the Washington State Health Care Authority. The organisation took “immediate measures to disable servers and a digital forensics team was engaged to investigate”. However, one can’t help but wonder why the members whom the personal information belonged to weren’t also immediately notified.

An unauthorised access of personal information

On November 30th, the forensic experts confirmed that there was indeed an unauthorised access of members’ personal information. The press release also reported that the breach happened because outsourced security was in a vulnerable state. In that claim, they make it sound like it wasn’t their fault, but the fault of their external services providers.

However, the CHPW cannot pass on the blame so easily and play the victim when they are the ones who are ultimately responsible for their organisation’s security.

Victims informed

CHPW emailed all 381,534 current and former members, apologetically informing them of the unfortunate breach and assuring them were doing all that they could to handle the situation. In a gesture of good will, they offered credit and monitoring services to all with a personal login for 12 months free of charge. They also say that they have engaged with services providers to increase their security and ensure another breach won’t happen again.

Not having adequate security to protect is not only irresponsible and reckless, but it’s also disrespectful. Data breaches are not something to be shrugged off. The financial and psychological harm can be extensive, with the latter causing potentially life long consequences.

Here in the U.K., the Information Commissioner’s Office would likely investigate a breach like this and may well find that it breached Data Protection laws by not having appropriate security to protect their members’ personal information.

Get A Call Back Today

We specialise in representing victims for data breach compensation claims.

Information on how we handle your data is available in our Privacy Policy.

Get In Touch


Speak to our team now for help and advice.

Tell us when you are free and our team can call you!
Call our Claims Helpline now for free advice!
What do you have to lose? Find out more here!

Start Your Claim

Fill out our quick claim form below and we’ll contact
you when you’re ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

arrow-up icon