9-Year PHI Breach Reported by Dominion National

Dominion National, which is an insurance provider, health plan administrator, and administrator of dental and vision benefits based in Virginia, discovered a data breach that involve the personal data of people associated to the services it offers. The hackers first accessed Dominion National’s servers in 2010.

After becoming aware of the incident alert, Dominion National started an internal investigation and confirmed the breach of its systems.

A top cybersecurity firm conducted a thorough forensic analysis and evaluation of affected records and affirmed the potential compromise of sensitive data of present and past members of Dominion National and also Avalon Vision plans.

As per the investigation results, there was potential compromise of data pertaining to people associated with the establishments administered by the company with regards to dental and vision benefits, plan producers, and healthcare providers. Hackers first obtained unauthorized access to Dominion National’s systems on August 25, 2010, that was nine years ago before the completion of the investigation. It is uncertain as of this writing when Dominion National first knew about the breach.

The cyberattack investigation came to a conclusion on April 24, 2019. Dominion National sent notifications to all affected persons and offered membership to credit monitoring and identity theft protection services for two years. Dominion National has secured all servers and upgraded its monitoring and notification software system.

Different individuals may have varying types of information compromised, which may include names together with addresses, email addresses, birth dates, Social Security numbers, taxpayer ID numbers, bank account and routing numbers, member ID numbers, subscriber numbers and group numbers.

The HHS’ Office for Civil Rights has not yet posted the breach summary on its breach portal. There’s also no statement made as of this time concerning the number of people impacted by the breach.