On May 31, 2023, Progress Software discovered a problem affecting its MOVEit® Transfer application. IBM, a third-party vendor contracted with the Colorado Department of Health Care Policy & Financing (HCPF), uses the MOVEit application to move HCPF data files in the normal course of business. Progress Software publicly announced that the MOVEit problem was the result of a cybersecurity incident, which impacted many users around the world, including IBM. No HCPF or State of Colorado systems were affected by this issue.
HCPF finished its investigation and determined that its employees’ personal information may have been compromised, including:
- First and last name
- Social Security number
- Medicaid ID number
- Date of birth
- Home address
- Other contact information
- Demographic or income information
- Clinical and medical information (such as diagnosis/condition, lab results, medication, or other treatment information)
- Health insurance information
HCPF notified the individuals whose personal information was compromised on August 11, 2023. If you’ve received notice from HCPF that your personal information was compromised, consider doing certain things to protect your personal information:
- Change your passwords and security information for online accounts;
- Review your account statements for unauthorized activity;
- Monitor your credit reports for signs of identity theft;
- Contact the credit bureaus to request a temporary fraud alert;
- Carefully review the notice you received from HCPF;
- Keep a copy of the notice for your records; and
- Enroll in the credit monitoring and identity restoration services offered in the notice from HCPF.
For more information on the options available to you following a data breach, email us at info@mselaborlaw.com, or call (202) 833-8855 to set up a free consultation with one of our attorneys, or click the Contact Us form in the menu header above.