/

OHP Data Breach: What & How It Happened?

OHP Data Breach: What & How It Happened?

Twingate Team

Jun 28, 2024

In May 2019, the Oregon Health Authority experienced a data breach at Oregon State Hospital. The breach involved unauthorized access to an email account containing protected health information. The incident was detected and contained quickly, and the public was notified due to the nature of the information accessed.

In late May 2023, another data breach occurred, exposing personal information of nearly 1.7 million Oregon Health Plan members. This breach happened within a contractor's system and was announced by PH TECH. Affected members were notified in July 2023 and advised to monitor their credit accounts and activate credit monitoring as a precaution.

How many accounts were compromised?

The breaches collectively compromised data related to approximately 1.7 million individuals.

What data was leaked?

The data exposed in the breach included patients' protected health information, personal information such as names, dates of birth, social security numbers, addresses, member ID numbers, plan ID numbers, email addresses, authorization information, diagnosis codes, procedure codes, and claim information.

How was OHP hacked?

Hackers exploited a vulnerability in the file transfer program MOVEit, gaining unauthorized access to PH TECH's system and downloading files containing personal information of nearly 1.7 million Oregon Health Plan members. In a separate incident, a spear-phishing email led to unauthorized access to an Oregon State Hospital staff member's email box, compromising patients' protected health information. The specific methods used by the hackers remain unclear.

OHP's solution

In response to the hacking incidents, the Oregon Health Authority (OHA) and Oregon State Hospital took several measures to secure their systems and prevent future breaches. These actions included detecting and containing the incidents quickly, stopping unauthorized access to the affected email box, and conducting thorough reviews of the compromised information. OHA also planned to hire an external entity for a forensic review of the emails and notify affected individuals. Meanwhile, PH TECH, the contractor involved in the larger breach, conducted extensive forensic analysis and began mailing notification letters to impacted individuals, offering free credit monitoring as a precaution.

How do I know if I was affected?

OHP, along with PH TECH, reached out to affected users in the aftermath of the data breach. If you are an Oregon Health Plan member and have not received a notification, you can visit Have I Been Pwned to check if your credentials were affected by the breach.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective service providers.

For more specific help and instructions related to OHP's data breach, please contact OHP's support directly.

Where can I go to learn more?

If you want to find more information on the OHP data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

OHP Data Breach: What & How It Happened?

OHP Data Breach: What & How It Happened?

Twingate Team

Jun 28, 2024

In May 2019, the Oregon Health Authority experienced a data breach at Oregon State Hospital. The breach involved unauthorized access to an email account containing protected health information. The incident was detected and contained quickly, and the public was notified due to the nature of the information accessed.

In late May 2023, another data breach occurred, exposing personal information of nearly 1.7 million Oregon Health Plan members. This breach happened within a contractor's system and was announced by PH TECH. Affected members were notified in July 2023 and advised to monitor their credit accounts and activate credit monitoring as a precaution.

How many accounts were compromised?

The breaches collectively compromised data related to approximately 1.7 million individuals.

What data was leaked?

The data exposed in the breach included patients' protected health information, personal information such as names, dates of birth, social security numbers, addresses, member ID numbers, plan ID numbers, email addresses, authorization information, diagnosis codes, procedure codes, and claim information.

How was OHP hacked?

Hackers exploited a vulnerability in the file transfer program MOVEit, gaining unauthorized access to PH TECH's system and downloading files containing personal information of nearly 1.7 million Oregon Health Plan members. In a separate incident, a spear-phishing email led to unauthorized access to an Oregon State Hospital staff member's email box, compromising patients' protected health information. The specific methods used by the hackers remain unclear.

OHP's solution

In response to the hacking incidents, the Oregon Health Authority (OHA) and Oregon State Hospital took several measures to secure their systems and prevent future breaches. These actions included detecting and containing the incidents quickly, stopping unauthorized access to the affected email box, and conducting thorough reviews of the compromised information. OHA also planned to hire an external entity for a forensic review of the emails and notify affected individuals. Meanwhile, PH TECH, the contractor involved in the larger breach, conducted extensive forensic analysis and began mailing notification letters to impacted individuals, offering free credit monitoring as a precaution.

How do I know if I was affected?

OHP, along with PH TECH, reached out to affected users in the aftermath of the data breach. If you are an Oregon Health Plan member and have not received a notification, you can visit Have I Been Pwned to check if your credentials were affected by the breach.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective service providers.

For more specific help and instructions related to OHP's data breach, please contact OHP's support directly.

Where can I go to learn more?

If you want to find more information on the OHP data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

OHP Data Breach: What & How It Happened?

Twingate Team

Jun 28, 2024

In May 2019, the Oregon Health Authority experienced a data breach at Oregon State Hospital. The breach involved unauthorized access to an email account containing protected health information. The incident was detected and contained quickly, and the public was notified due to the nature of the information accessed.

In late May 2023, another data breach occurred, exposing personal information of nearly 1.7 million Oregon Health Plan members. This breach happened within a contractor's system and was announced by PH TECH. Affected members were notified in July 2023 and advised to monitor their credit accounts and activate credit monitoring as a precaution.

How many accounts were compromised?

The breaches collectively compromised data related to approximately 1.7 million individuals.

What data was leaked?

The data exposed in the breach included patients' protected health information, personal information such as names, dates of birth, social security numbers, addresses, member ID numbers, plan ID numbers, email addresses, authorization information, diagnosis codes, procedure codes, and claim information.

How was OHP hacked?

Hackers exploited a vulnerability in the file transfer program MOVEit, gaining unauthorized access to PH TECH's system and downloading files containing personal information of nearly 1.7 million Oregon Health Plan members. In a separate incident, a spear-phishing email led to unauthorized access to an Oregon State Hospital staff member's email box, compromising patients' protected health information. The specific methods used by the hackers remain unclear.

OHP's solution

In response to the hacking incidents, the Oregon Health Authority (OHA) and Oregon State Hospital took several measures to secure their systems and prevent future breaches. These actions included detecting and containing the incidents quickly, stopping unauthorized access to the affected email box, and conducting thorough reviews of the compromised information. OHA also planned to hire an external entity for a forensic review of the emails and notify affected individuals. Meanwhile, PH TECH, the contractor involved in the larger breach, conducted extensive forensic analysis and began mailing notification letters to impacted individuals, offering free credit monitoring as a precaution.

How do I know if I was affected?

OHP, along with PH TECH, reached out to affected users in the aftermath of the data breach. If you are an Oregon Health Plan member and have not received a notification, you can visit Have I Been Pwned to check if your credentials were affected by the breach.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your accounts for any suspicious activity and report it immediately to the respective service providers.

For more specific help and instructions related to OHP's data breach, please contact OHP's support directly.

Where can I go to learn more?

If you want to find more information on the OHP data breach, check out the following news articles: