Fresno-based health care provider CalViva Health revealed Friday that a cyber attack exposed members’ personal information.
From Jan. 7 to Jan. 25, Accellion – a vendor for CalViva partner Health Net Community Solutions, Inc – was the victim of a cyber attack that compromised its file transfer platform, which allowed a malicious party to view or download data files.
Health Net confirmed that the data breach impacted some CalViva members.
CalViva said that there are no indications that members’ information was used inappropriately, but the health care provider recommends that affected members take reasonable steps to ensure security.
CalViva took immediate action to correct the data breach and prevent it from happening in the future. That action includes the following:
- CalViva Health mailed a letter and provided resources to all members whose information was involved in this incident. CalViva Health is providing members affected by this incident with one year of free credit monitoring and identity theft protection services.
- CalViva has shared a reference guide of recommendations from the Federal Trade Commission regarding identity theft including information on how to request free credit reports, security freezes and fraud alerts.
- Health Net immediately conducted an investigation into the incident and ceased using Accellion’s services.
- Health Net reviewed its file transfer process and tolls to ensure that it is not at risk of a similar attack.
- Health Net removed all of CalViva’s data files from Accellion’s systems.
“CalViva Health takes the responsibility of protecting our members’ personal information very seriously, and sincerely regret any concern or inconvenience this incident may have caused our members and their families,” CalViva said in a statement.