AUSTIN (KXAN) — Insurance provider UnitedHealthcare said some Texans enrolled in its health plans may be impacted in a “credential stuffing attack” that happened in February.
UnitedHealthcare said people affected will receive mailed notifications starting April 28. Personal information impacted could include members’ names, health insurance ID numbers, dates of birth, addresses, dates of service, provider names, claim information and group name/number.
On Friday, the insurance company said suspicious activity was identified Feb. 22 on the UHC mobile app and believes the information was accessed between Feb. 19-25. The company said it determined April 10 that members’ personal information may be impacted.
The company said there was “no evidence that member login credentials used during the attack were accessed or obtained from any UnitedHealthcare system.”
UnitedHealthcare said it “took prompt action to investigate the matter,” including locking portal account access and a forced password reset.
“The company regrets this incident and any inconvenience or concern it may cause,” the company said in a release.
Members will be offered two years of free LikeLock services for proactive identity theft protection, identity theft alerts and other services. Customers can call 800-669-1812 with questions.