"The notice states, "On October 27, 2025, we learned that one or more people looked at your information without permission." Was there a hacking incident? A rogue insider? A vulnerability that exposed member information to other members? An email error? They don't say. The data that might have been viewed included: first and last name, date of birth, health plan information, Medicaid ID number, Medicare ID number, and primary care provider office."
"The health plans do not believe that that anyone can open financial accounts using they types of information involved, as neither Social Security numbers nor financial information were viewed. They do not offer any one any complementary monitoring assistance. To make sure this does not happen, CareOregon and Health Share Oregon state that they have: Investigated and fixed the issue. Changed how this information can be viewed. Re-trained staff."
On October 27, 2025 one or more people viewed certain members' information without permission. Data that may have been viewed included first and last name, date of birth, health plan details, Medicaid and Medicare ID numbers, and primary care provider office. CareOregon and Health Share Oregon reported the incident to law enforcement and suggested a possible motive of creating fake insurance claims, though they do not know if data were used. The plans state that Social Security numbers and financial information were not viewed and they are not offering monitoring. The plans investigated, fixed access, changed viewing controls, and retrained staff; members are asked to review mailed letters for suspicious services.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]