Nice Pak Products Inc., Health and Welfare Benefits Plan

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

The breach at Nice Pak Products Inc., Health and Welfare Benefits Plan in New Jersey involved unauthorized access to the company’s network, where an actor viewed and obtained files stored on certain devices between May 28, 2023, and June 15, 2023. The compromised data included personal information such as Social Security numbers, health insurance plan information, and health savings account information. This incident is referred to as the “Health Plan Incident”[8].

Nice Pak Products Inc. sent notices to its employees and issued a public statement on August 14, 2023, informing them of the breach. The company concluded its investigation into the incident on July 24, 2023, and subsequently notified employees about the breach. Employees and their families were advised to monitor their credit scores and enroll in credit monitoring services to protect against identity theft[8].

The breach notice also suggested that affected individuals consider placing credit freezes on their credit files, placing or extending fraud alerts, monitoring accounts, ordering copies of their credit reports, and reviewing statements from health insurance and health care providers. It was indicated that Nice Pak may not have been able to determine the full scope of the data breach, including exactly what information was stolen and when[8].

The document from the Indiana Commercial Court also suggests that Nice Pak may have failed to adequately train its employees on reasonable cybersecurity protocols or implement reasonable security measures, which contributed to the breach[8].

Citations:

  1. https://www.mass.gov/doc/assigned-data-breach-number-30288-nice-pak-products-inc-and-professional-disposables-international-inc/download
  2. https://www.mass.gov/doc/data-breach-report-2023/download
  3. https://colevannote.com/investigations/
  4. https://www.pacermonitor.com/public/filings/DK4G5V3Q/Willey_v_Nice-Pak_Products_Inc_et_al__nysdce-23-08540__0001.0.pdf
  5. https://www.pbgc.gov/sites/default/files/documents/mp-transferred-plans.xlsx
  6. https://apps.web.maine.gov/online/aeviewer/ME/40/list.shtml
  7. https://www.justice.gov/atr/antitrust-case-filings-alpha
  8. https://assets-global.website-files.com/642f23e5f54b794300ac12a6/651c1d8e585f08a06da2e43a_b8UQ6kW8hEASE4rcUmeBuEn_LW88ZsTJlv5ZD3gSTNe7pjD37ugJOZVeRkZ28ZWoaW3bd_5liK6BsQvu0JR-_0hZaBo0FM-E3qljdIwFStA_VcGdVDZxrZx4OxD5zgickf5F2ALMblaONGr4W8jAf_rRUxNW2hfRZC8IQwRoqvE.pdf
  9. https://www.cms.gov/cciio/resources/files/downloads/employer_01062012.pdf
  10. https://www.govinfo.gov/content/pkg/USCOURTS-nyed-1_15-cv-04579/pdf/USCOURTS-nyed-1_15-cv-04579-2.pdf
  11. https://www.reuters.com/article/idUSL5N1GD1H6/
  12. https://breachdata.topwords.me/?limit=20&offset=1720&sort=data_source
  13. https://www.nicepak.com/download_file/view/75a44352-f309-48dc-94b6-a873b223f709
  14. https://www.coursehero.com/file/217953552/Bhogadi-A-Security-Breach-Categories1docxpdf/
Breach Submission Date Aug 14, 2023
Converted Entity Name Nice Pak Products Inc., Health and Welfare Benefits Plan
Converted Entity Type Health Plan
State NJ
Individuals Affected 8,487
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes