CalViva Health announced on March 26, that their business associate Health Net Community Solutions Inc., discovered that one of their vendors, Accellion, had their file transform platform compromised.
This compromise allowed for a malicious party to view and/or download personal files from CalViva members from January 7 through January 25.
Health Net Community Solutions Inc. immediately notified CalViva Health as the cyber attack did impact some of their current members.
CalViva took immediate action and sent mail notifying their affected members of the breach. The organization will provide one year of free credit monitoring and identity theft protection services, along with other valuable resources to help protect their members’ information.
As of now, there have been no notifications or incidents of membership information being used inappropriately, but as a safety precaution CalViva has recommended their affected members steps to take to ensure that their private information is protected.
The organization has shared a reference guide of recommendations about identity theft from the Federal Trade Commission. They also have contacted their business associate to conduct an investigation of the attack and to ensure that CalViva doesn’t fall victim to something similar in the future.
CalViva has also discontinued using Accellion’s services and has removed all data files from its system to ensure protection of their members.
“CalViva Health takes the responsibility of protecting our members’ personal information very seriously, and sincerely regret any concern or inconvenience this incident may have caused our members and their families,” the CalViva press release stated about the cyber attack.
For any CalViva Health members with questions or concerns call 1-866-329-9984 for help.