Tennessee government subcontractor Onsite Health Diagnostics (OHD) is contacting more than 60,000 government employees to warm them of an unauthorized data breach between January and April.
OHD carries out health screenings for local government authorities and had amassed this employee data, which includes names, phone numbers, addresses, emails, gender and dates of birth. OHD stresses that no data such as social security numbers or medical info was breached when an unknown hacker accessed the system.
The data was accessed illegally at some point during January and April of this year but affects employees that were screened in 2013. OHD and Healthways, the Tennessee’s wellness contractor, are sending out letters to the 60,582 people that have been affected.
OHD and Healthways say they were made aware of the breach on April 11 and launched an investigation with national security and computer forensics experts, but employees were not contacted until August 8, as dated on the letter.
“OHD encourages impacted group health plan members to remain vigilant, to review account statements, and to monitor credit reports and explanation of benefits forms for suspicious activity,” says the letter.
OHD goes on to say that it is offering one year’s free identity theft protection to those affected, through a company called ID Experts.
“The protection services include: 12 months of identity protection, a $20,000 insurance reimbursement policy in the event of identity theft, and access to fraud resolution representatives. With this protection, ID Experts will help resolve issues if an affected individual’s identity is compromised.”
This is not the first time that OHD has experienced a data breach. Just last month, 1,700 employees in Virginia’s Dominion Resources were contacted when OHD’s systems were accessed by an unauthorized attacker, who gained encrypted passwords.