Physicians Insurance A Mutual Company recently suffered a security incident affecting the personal information for some third party contractors and the health information for some of our insureds’ patients. Although we have no evidence to suggest that any personal information has been misused, we are providing notice in an abundance of caution, so that potentially affected individuals may take steps to protect their information should they feel it is necessary to do so.
WHAT HAPPENED
On March 2, 2023, Physicians Insurance identified unauthorized access to an employee’s work email account by an unknown third party. Upon discovery, we immediately shut down the mailbox and reset employee passwords, which terminated the access. We also promptly initiated an investigation and hired third party cybersecurity experts to assist in investigating the source and scope of the activity. We subsequently determined that the access was isolated to a single user’s email account, and only lasted roughly an hour on March 2, 2023 before that access was terminated. We did not find any evidence to indicate that any emails or attachments were exported from the user’s email account, but we have not been able to confirm whether the files that contained personal information were accessed or viewed by the third party. Therefore, we cannot say with certainty if any of the personal information in those files was accessed or viewed. Nevertheless, we are providing notice in an abundance of caution.
WHAT INFORMATION WAS INVOLVED
From the investigation, we determined that an unknown third party may have accessed select files containing certain information for the health care providers who are insured by or utilizing our third party claims administrator services, potentially impacting third party contractors, patients of those health care providers, and individuals associated with those patients, such as family members. For patients and the individuals associated with those patients, the following types of information were present in the email account at issue: full name, date of birth, contact information, medical treatment information, health insurance information, and Social Security number. For third party contractors, the following types of information were present in the email account at issue: date of birth, Social Security number, driver’s license number, and financial account information (such as bank account and routing number but not any security or access code related to that account).
WHAT WE ARE DOING
We have security measures in place that allow us to take prompt action against attempted intrusions into our systems. Those measures were implemented here and reduced the scope of the third party’s activity. We also hired third party experts to address this situation, perform an investigation into the unauthorized activity, and further secure our systems to help protect the information we maintain. We are also working on directly notifying impacted individuals.
WHAT YOU CAN DO
We encourage individuals to (1) remain vigilant for unauthorized financial activity by reviewing their account statements and free credit reports, (2) consider placing a fraud alert of security freeze on their credit file, and (3) report any suspicious activity to law enforcement. You can also find additional steps at http://www.identitytheft.gov/.
FOR MORE INFORMATION
We have established a toll-free call center to support you and answer your questions about the incident and this notice. The call center can be reached at (866) 985-2484. Representatives are available at that number from 9:00 am to 7:00 pm Eastern Time. Thank you for your understanding and patience.