WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach.

WebTPA is a third-party administrator that provides healthcare management and administrative services. The US company disclosed a data breach that impacted almost 2.5 million people. According to the report sent by the WebTPA to the U.S. Department of Health and Human Services on May 8, the incident affected 2,429,175 individuals.

According to the notice published by the company, WebTPA acts as an administrative services provider to certain benefit plans and insurance companies whose information was impacted in this incident.

WebTPA discovered suspicious activity on its network on December 28, 2023 and launched an investigation with the help of third-party cybersecurity experts. The investigation revealed that an unauthorized actor may have obtained personal information between April 18 and April 23, 2023.

The company also notified federal law enforcement.

“On December 28, 2023, we detected evidence of suspicious activity on the WebTPA network that prompted us to launch an investigation. Upon detecting the incident, we promptly initiated measures to mitigate the threat and further secure our network.” reads the notice published by the company. “The investigation concluded that the unauthorized actor may have obtained personal information between April 18 and April 23, 2023.”

WebTPA promptly notified benefit plans and insurance companies about the incident and the potential exposure of personal information. They worked diligently to determine the extent of the impacted data and provided this information to the benefit plans and insurance companies on March 25, 2024.

Exposed information may include name, contact information, date of birth, date of death, Social Security number, and insurance information. The exposed data may vary for each individual. The company pointed out that financial account information, credit card numbers, and treatment or diagnostic information were not impacted.

WebTPA is offering individuals two years of complimentary identity monitoring services through Kroll. They have also implemented additional security measures to enhance their network’s security. The company added that it is not aware of any misuse of benefit plan member information due to this incident.

The company recommends the impacted individuals stay vigilant against identity theft or fraud and carefully review credit reports and Explanations of Benefits (EOBs) for suspicious activity.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)