Nonstop Administration and Insurance Services, Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Nonstop Administration and Insurance Services, Inc., doing business as Nonstop Health, experienced a data breach in which sensitive personal identifiable information (PII) was compromised. The breach was discovered when an unauthorized actor accessed sensitive information on December 22, 2022. Nonstop Health began contacting individuals potentially impacted by the breach on February 15, 2023.

Nonstop Health is a health insurance company that specializes in providing healthcare benefits to organizations with 50 or more employees. The company was founded in 2012 and initially served nonprofit organizations before expanding its services to a broader range of clients

The type of information exposed in the breach includes names and Social Security numbers. Individuals who received a breach notification letter from Nonstop Administration and Insurance Services are advised to review the notice carefully, enroll in any free credit monitoring services provided, change passwords and security questions for online accounts, regularly review account statements, monitor credit reports, and contact a credit bureau to request a temporary fraud alert

The breach has led to legal investigations, and individuals affected may have rights and potential legal remedies in response to the data breach. The law firm Turke & Strauss LLP is investigating the incident and has expressed interest in speaking with affected individuals

Data from Nonstop Health was reportedly leaked on hacking-related forums, including personal information such as names, dates of birth, postal addresses, email addresses, and Social Security numbers. The leaked data also included cellphone numbers, employee status, job titles, and annual salaries for some records. The full leak reportedly contains 43,532 lines of data from December 2022

Nonstop Health has taken steps in response to the incident, including launching an investigation, reporting the incident to law enforcement, redesigning its cloud-services workflow to reduce risk, and providing potentially impacted individuals with complimentary access to credit monitoring and identity protection services

The breach has been reported to various state authorities, and Nonstop Health has notified affected individuals and offered identity theft protection services

The incident has also been reported to the HHS’ Office for Civil Rights, indicating that protected health information (PHI) was involved

Breach Submission Date Mar 27, 2023
Converted Entity Name Nonstop Administration and Insurance Services, Inc.
Converted Entity Type Business Associate
State PA
Individuals Affected 8,571
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes