Cyberattack Hits Health Payer Third-Party Vendor, Exposes PHI

August 09, 2021 - Renaissance Life & Health Insurance Company of America’s third-party vendor experienced a cyberattack that impacted individuals protected health information (PHI.) 

According to a press release Renaissance issued on July 30, Secure Administrative Solutions LLC (SAS,) the third-party vendor, reported the data security incident on June 1. 

"We take this incident very seriously and are committed to protecting the privacy and security of information shared with third parties who provide services to our policyholders," said Robert Mulligan, President and Chief Executive Officer of Renaissance, in the press release.   

The data breach included the “exfiltration of certain protected health information related to SAS' clients,” the release states. “Upon receiving this report, Renaissance immediately worked with SAS and others to confirm the nature and scope of the data at issue, including whether and how it related to Renaissance policyholders.” 

SAS provided Renaissance with updated details regarding the incident around June 18, 2021.  

“The details Renaissance received from SAS indicated that information related to certain Renaissance policyholders was present on the impacted SAS systems at the time of the incident and subject to unauthorized acquisition as a result.”  

The unauthorized access occurred between March 15 and April 15, 2021 and SAS notified the FBI on May 27. 

“Renaissance understands that the exfiltrated information has been destroyed by the unauthorized actor, but that the identity of the unauthorized actor is unknown,” the release states.  

The breached information includes a combination of certain individuals’ names, addresses, dates of birth, beath insurance policy numbers, and other health insurance information. Social Security numbers and financial information were not impacted.  

"Upon learning of this incident, Renaissance worked closely with SAS to respond and determine the impact to Renaissance's data,” the release states.  

SAS conducted a forensic investigation with the help of cybersecurity specialists and has implemented additional controls since the incident to enhance the security of its network.  

“As reported by SAS, these controls include, but are not limited to, rebuilding infected servers, building new domain controllers, changing all system and user passwords, increasing password complexity, implementing stronger controls over historical password use, migrating all users to Microsoft Office 365, implementing multi-factor authentication for access to Microsoft Office 365, deploying new PCs to all users, and providing training on new security protocols,” the release states.  

Renaissance is offering impacted individuals access to 12 months of credit monitoring and identity restoration services.  

Individuals with questions can call the dedicated assistance line at 800-323-4027, Monday through Friday from 9:00 am to 9:00 pm Eastern Time.  

"As a best practice, we encourage individuals to remain vigilant against incidents of identity theft and fraud by reviewing account statements and explanations of benefits, as applicable, and by monitoring free credit reports for suspicious activity and to detect errors,” the release concludes.