Site icon ClaimLinx

ClaimLinx Data Breach – The need to knows

Meredith Keller

Our Response to a Recent Cybersecurity Incident

ClaimLinx was recently a victim of a cybersecurity incident that involved an unauthorized third-party gaining access to certain user information.  Immediately upon discovering the access, our information technology team was able to mitigate the intrusion and recover the files. More Importantly, there is no indication that the data has been misused for fraud or identity theft at this time.

We want to let you know what happened, the type of data that was accessed by the unauthorized party, and how we’re responding.

What Happened.

4th quarter ClaimLinx was notified that our company was the victim of a ransomware attack.  The group are known to attack mid- small businesses. The ClaimLinx response team identified the incident, shut down the unauthorized party’s access, started an investigation, and was able to recover our data.

Who was affected?

Our investigation has determined that a ClaimLinx user was affected in connection with this incident

What Information Was Involved?

Archival data that was over 6 years old that may or may not have included:

  1. Contracts
  2. Invoices
  3. ID Cards
  4. PHI Information
  5. Benefit Summaries
  6. Claims Information

What We Are Doing to Respond?

At ClaimLinx, we believe in continuous improvement and getting 100% better every day. We are committed to protecting your privacy and have already taken the following steps to help prevent events like this from happening again: 

  1. Our team set protocols in place to prevent further intrusion.
  2. Our Investigators also decommissioned servers to prevent further infiltration.
  3. Deployed new enhancements to our security systems to help prevent and detect malicious activities of this nature.
  4. Referred the matter to federal law enforcement for ongoing investigation.

Frequent Asked Questions

Q: How do I know if I was affected by this issue? 

A: We have notified affected ClaimLinx users where required. 

Q: What types of ClaimLinx users were impacted?

A: This incident impacted a ClaimLinx employee. 

Q: If my information was affected, why didn’t ClaimLinx notify me directly?

A: ClaimLinx has directly notified affected users where required, published information about the incident on our website, and set up a dedicated call center to answer questions from users. 

Q: Do I need to do anything to protect my account or information?

A: This incident may or may not have affected the information listed above. 

It is always a good idea to be cautious of unsolicited communications that ask for your personal information or refer you to a web page asking for personal information and avoid clicking on links or downloading attachments from suspicious emails.

Q: What is ClaimLinx doing to prevent this from happening again?

A: Your privacy of information is very important to us and take it very seriously.   We are committed to protecting your privacy and have already increased training for our employees to help prevent social engineering scams, deployed new improvements to our security systems, enlisted the support of an external firm for specialized support, and referred the matter to law enforcement to help prevent events like this from happening again.

What You Can Do

The Federal Trade Commission (FTC) recommends that you place a free fraud alert on your credit file. A fraud alert tells creditors to contact you before they open any new accounts or change your existing accounts. Contact any one of the three major credit bureaus. As soon as one credit bureau confirms your fraud alert, the others are notified of placing fraud alerts. The initial fraud alert stays on your credit report for one year. You can renew it after one year. 

Equifax: equifax.com/personal/credit-report-services 
or 1-800-685-1111

Experian: experian.com/help 
or 1-888-397-3742

TransUnion: transunion.com/credit-help
or 1-888-909-8872

Ask each credit bureau to send you a free credit report after it places a fraud alert on your file. Review your credit reports for accounts and inquiries you don’t recognize. These can be signs of identity theft. If your personal information has been misused, visit the FTC’s site at IdentityTheft.gov to report the identity theft and get recovery steps. Even if you do not find any suspicious activity in your initial credit reports, the FTC recommends that you check your credit reports periodically so you can spot problems and address them quickly. 

You may also want to consider placing a free credit freeze. A credit freeze means potential creditors cannot get your credit report. That makes it less likely that an identity thief can open new accounts in your name. To place a freeze, contact each of the major credit bureaus at the links or phone numbers above. A freeze remains in place until you ask the credit bureau to temporarily lift it or remove it. 

Follow the link to the FTC’s website, IdentityTheft.gov/databreach, about steps you can take to help protect yourself from identity theft. The steps are based on the types of information exposed in this intrusion.

We’re Here to Support You

You can reach us at (800) 858-1772 or by email at claims@claimlinx.com

Thank you for choosing ClaimLinx. We appreciate your continued trust in our team as we work to make your benefits experience clearer, faster, and more convenient. 

At ClaimLinx, we’re committed to providing our members and providers with the best possible service. 

Facebook Instagram Youtube Linkedin
Exit mobile version