- The Washington Times - Saturday, January 6, 2018

Medicaid recipients may have had their diagnoses and medical conditions exposed as the result of a recent security breach, Florida health officials warned Friday.

An employee with the state’s Agency for Health Care Administration (AHCA) recently opened a malicious phishing email that potentially compromised the personal information of tens of thousands of Medicaid patients, the agency said in a statement.

“It is possible that Medicaid enrollees’ full names, Medicaid ID numbers, dates of birth, address, diagnoses, medical conditions or Social Security numbers were accessed in part or full,” the statement said.

“At this time, the Agency believes it is possible that the personal information of up to 30,000 individuals may have been partially or fully accessed,” the statement said. “Although the review is ongoing, the Agency believes that only approximately 6 percent of these individuals could be confirmed as having their Medicaid ID or social security numbers potentially accessed.”

The malicious email was opened on Nov. 15, 2017, and the agency became aware of the incident five days later and promptly notified its inspector general, the statement said.

The employee changed their log-in credentials within days of opening the email to prevent further unauthorized access, and the agency “has no reason to believe individuals’ information has been misused,” the statement said.

Nonetheless, the agency is offering one-year of identity theft protection to affected Medicaid recipients “in an abundance of caution,” according to the statement.

The inspector general’s review is ongoing, and the agency has initiated new security measures meant to prevent further breaches, the statement said.
Medicaid helps cover the costs of health coverage for millions of low-income residents throughout the country, including about 3.86 million in Florida alone, as of December 2018.

A recent survey of U.S. healthcare providers found that 78 percent experienced an email-related cyberattack within the last year, according to Mimecast, a cybersecurity firm that published the results of the poll last month.

Copyright © 2019 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.


Click to Read More and View Comments

Click to Hide