Buckeye Health Plan

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Buckeye Health Plan, a subsidiary of Centene Corporation, experienced a security incident involving member information due to a cyber incident at their vendor One Touch Point, Inc. (OTP). The incident occurred between April 27, 2022, and June 3, 2022, during which an unauthorized actor may have accessed data files stored on OTP’s systems. The information involved included names, healthcare ID numbers, and clinical information including diagnoses. Social Security Numbers were not included or involved in the incident.

Upon discovery, OTP took immediate measures to contain the incident, initiated an investigation with a cybersecurity firm, and notified the FBI. The forensic investigation is now complete. In response, Buckeye Health Plan activated their incident response plan, ceased business operations with OTP, and OTP has since implemented additional security measures to prevent future occurrences. Buckeye Health Plan has provided information to affected members on how to protect their information, including a reference guide with steps to take and tips from the Federal Trade Commission on identity theft protection[1].

Citations:

  1. https://www.buckeyehealthplan.com/newsroom/security-incident0.html
  2. https://www.daytondailynews.com/local/ohio-medicaid-providers-data-may-have-been-exposed-from-data-breach/LX27UA4PZVBSVFAZCVM2GS53FM/
  3. https://247sports.com/college/ohio-state/
  4. https://mmp.buckeyehealthplan.com/fraud-waste-abuse.html
  5. https://ambetter.buckeyehealthplan.com/privacy-practices.html
  6. https://pekininsurance.com
  7. https://www.ohioattorneygeneral.gov/Media/News-Releases/March-2021/Ohio-Sues-Multiple-Centene-Entities-for-Breach-of
  8. https://www.strsoh.org
  9. https://www.buckeyehealthplan.com/members/medicaid/resources/interoperability-and-patient-access.html
  10. https://www.npr.org/sections/health-shots/2018/11/21/669751038/you-snooze-you-lose-how-insurers-dodge-the-costs-of-popular-sleep-apnea-devices
  11. https://www.ohioattorneygeneral.gov/Media/News-Releases/June-2021/Centene-Agrees-to-Pay-a-Record-$88-3-Million-to-Se
  12. https://info.bwc.ohio.gov
  13. https://www.buckeyehealthplan.com/privacy-practices.html
  14. https://www.transportation.ohio.gov
  15. https://www.cohenmilstein.com/case-study/ohio-department-medicaid-et-al-v-centene-corporation-et-al/
  16. https://www.deere.com/en/index.html
  17. https://www.dispatch.com/story/news/2021/08/16/buckeye-health-care-centene-subsidiary-added-managed-care-pact-after-88-million-settlement-fraud/8152641002/
  18. https://jobs.walgreens.com/en/search-jobs
Breach Submission Date May 16, 2023
Converted Entity Name Buckeye Health Plan
Converted Entity Type Health Plan
State OH
Individuals Affected 686
Breach Type Unauthorized Access/Disclosure

Breach Information Location Email

Business Associate Present Yes