IEC Group, Inc. dba AmeriBen

IEC Group, Inc., doing business as AmeriBen, experienced an email-related data breach that was reported to the HHS’ Office for Civil Rights, affecting up to 74,884 individuals. The incident was classified as an unauthorized access/disclosure incident, but it was not immediately clear whether it involved an unauthorized third party or an insider. The compromised email account contained protected health information (PHI) such as names, claim numbers, employer CERT codes, and other sensitive details. In response to the breach, affected individuals were notified by mail and offered two years of complimentary credit monitoring services. A lawsuit has been filed over this data breach, alleging that the PHI of 152,818 individuals was compromised and claiming it was a ransomware attack[1].

AmeriBen filed a notice of data breach with the Attorney General of Texas after discovering that confidential consumer information was subject to unauthorized access. The leaked information included names, health insurance information, and medical information. AmeriBen began sending out data breach notification letters to all affected individuals after completing its investigation[2].

The breach is part of a larger trend of cyberattacks on healthcare providers and associated businesses. AmeriBen, a third-party insurance administrator based in Meridian, Idaho, oversees the administration of complex benefit plans for over 160 self-funded employer groups and fully insured university plans, serving over one million members[2].

For more detailed information on the breach and its implications, affected individuals were advised to review the data breach notification letters sent by AmeriBen and to take steps to protect themselves from potential fraud or identity theft[2].

Citations:

1. https://www.hipaajournal.com/phi-of-almost-75000-individuals-exposed-in-email-incident-at-ameriben/
2. https://www.jdsupra.com/legalnews/ameriben-confirms-data-breach-leaked-3233124/
3. https://www.hipaa.info/cyberattacks-on-ameriben-dms-health-technologies-and-more-companies-affected-by-moveit-hack/
4. https://colevannote.com/investigations/
5. https://ameriben.com/AmeriBen_Privacy_Notice_for_California_Residents.pdf
6. https://www.v2verify.com/2023-data-breaches
7. https://www.hipaajournal.com/august-2023-healthcare-data-breach-report/
8. https://www.hackmageddon.com/2023/10/18/16-31-august-2023-cyber-attacks-timeline/
9. https://breachdata.topwords.me/hipaa?limit=20&offset=100&sort=breach_type
10. https://www.linkedin.com/in/jamileefogle
11. https://www.kcgov.us/DocumentCenter/View/21774/32-Contract-Agreement-MOU—AmeriBen-Annual-Agreement-Renewal—AmeriBen
12. https://www.linkedin.com/in/brea-kleine
13. https://www.casemine.com/judgement/us/652230752cec034620af6e45
14. https://www.hipaa.info/hipaa-news/