Cyber Incident Victim: Health Alliance Plan

In March 2019, Health Alliance Plan (HAP) notified approximately 120,000 members about a data breach stemming from a ransomware incident at Wolverine Solutions Group, a third-party vendor handling mailing services for the healthcare organization. The breach occurred when Wolverine Solutions Group, a business associate managing communications for numerous healthcare entities, experienced a cybersecurity attack compromising systems containing sensitive member information. HAP confirmed the incident potentially exposed personal and health-related data belonging to its members, though the breach originated within Wolverine's infrastructure rather than HAP's direct systems. The ransomware attack disrupted Wolverine's operations, impacting over 700 client organizations and more than 1.2 million individuals across its client base. HAP's notification, reported publicly on March 6, 2019, followed Wolverine's disclosure of the incident to its affected clients.

The compromised data included members' names, addresses, dates of birth, member identification numbers, healthcare provider names, patient identification numbers, and claim-related details such as service codes and payment amounts. HAP initiated direct notifications to impacted individuals, advising them to monitor accounts and statements for potential misuse of their information. Wolverine Solutions Group's role as a centralized service provider amplified the breach's scope, exposing data across its extensive client network in the healthcare sector. No evidence suggested HAP's internal systems were compromised, as the breach was confined to Wolverine's infrastructure. The incident underscored risks associated with third-party vendors handling sensitive health data, particularly those servicing multiple entities. HAP's response focused on member notification and coordination with Wolverine, while broader remediation efforts remained under Wolverine's responsibility as the breached entity.