Industry - Lawsuit
Executive Summary
SAG-AFTRA Health Plan disclosed a phishing attack that gave unauthorized access to an employee's email account between September 17-18, 2024, exposing the Social Security numbers, health insurance information, and claims details of at least 1,202 individuals across Texas and Massachusetts. The breach occurred when an employee fell victim to a phishing email, compromising sensitive personal data of health plan participants. Affected individuals are being offered two years of free credit monito...
What Happened
On September 17-18, 2024, an employee of the SAG-AFTRA Health Plan fell victim to a phishing email that gave attackers unauthorized access to their email account. The compromised account contained sensitive personal information of health plan participants, including Social Security numbers, names, health insurance details, and claims-related information. SAG-AFTRA discovered the breach on September 18, 2024, and confirmed the presence of personal data in the compromised account on October 3, 2024.
Who Is Affected
At least 1,202 SAG-AFTRA Health Plan participants across multiple states are confirmed affected, including 831 individuals in Texas and 371 in Massachusetts. The exposed information includes their Social Security numbers, health insurance details, and claims-related records such as health plan participant identification numbers. The total number of affected individuals may be higher as the investigation continues.
Why It Matters
This breach demonstrates how a single successful phishing attack can expose highly sensitive healthcare and financial data for over a thousand individuals. The combination of Social Security numbers with health insurance and claims information creates significant risk for identity theft and medical fraud. Healthcare data breaches are particularly concerning because health records cannot be changed like credit card numbers, making the exposure potentially permanent.
What You Should Do
Enroll in the two years of free Experian IdentityWorks credit monitoring services being offered by SAG-AFTRA Health Plan by following instructions in your notification letter. Obtain and review your free annual credit reports from AnnualCreditReport.com to check for suspicious activity or unauthorized accounts. Monitor your bank statements and financial accounts regularly for unauthorized transactions, and consider placing a fraud alert on your credit files with the major credit bureaus.
Summary generated from verified sources and reviewed before publication. How we summarize.