A Texas-based health insurance and benefit plans provider, WebTPA, has revealed a data breach that impacted nearly 2.5 million individuals, with some victims having their Social Security numbers stolen.
In a data breach notice published earlier this month, WebTPA stated that it discovered “evidence of suspicious activity” on December 28, 2023, prompting an investigation to mitigate the threat and secure its network.
The company concluded that the unauthorized actor might have accessed personal information between April 18 and April 23, 2023, about eight months before the breach was detected.
“The impacted information may have included name, contact information, date of birth, date of death, Social Security number, and insurance information, but not every data element was present for every individual,” stated WebTPA in the notice on its website.
WebTPA reported the breach to the U.S. Department of Health and Human Services on May 8, according to the federal department’s website. The report disclosed that 2,429,175 individuals were affected and that the breach occurred on a “network server.”
Truth Voices reached out to WebTPA to clarify the exact number of people whose Social Security numbers were stolen and asked other questions, but the company did not respond to multiple requests for comment.
WebTPA also noted that it is not aware of any “misuse of benefit plan member information” and confirmed that financial account information, credit card numbers, and “treatment or diagnostic information” were not impacted in the breach.
