Relation Insurance began notifying an undisclosed number of members about a phishing attack that may have exposed their personal information.
In August 2019, Relation Insurance discovered unusual activity on an employee's email account. Upon investigation, Relation Insurance determined that an unauthorized third party had access to the email account between Aug. 14-15, 2019.
Member data that may have been exposed included names, addresses, telephone numbers, email addresses, dates of birth, Social Security numbers, passport numbers, driver's license or state issued identification numbers, account numbers, credit card numbers, treatment information, prescription information, provider names, medical record numbers, health insurance information, medical histories and diagnosis codes.
Since the incident, Relation Insurance has reviewed its existing security policies and implemented additional security measures to protect member information, including enhanced email security.