Up to 30,000 Florida Medicaid recipients may have had their records breached, according to Florida’s Agency for Health Care Administration.
In compliance with state and federal law, the agency is warning potential victims that an employee was the target of a “malicious phishing email” last November, the agency says in a post.
The possible exposure includes highly sensitive personal information.
“It is possible that Medicaid enrollees’ full names, Medicaid ID numbers, dates of birth, address, diagnoses, medical conditions or Social Security numbers were accessed in part or full,” the agency continues.
The agency’s leadership was notified of preliminary findings on the November 2017 breach on January 2. The agency has conducted a review of its ITS data to determine the circumstances, and initiated new security training, it says.
The agency is providing victims with a year’s membership in Experian’s IdentityWorks program.