AlohaCare, Inc.
| Primary URL | Location | Industry | alohacare[.]org |
Country
United States of America
|
Healthcare
|
|---|
Profile
AlohaCare, Inc. operates under the aliases AlohaCare and AlohaCare, Inc.
The organization is headquartered in the United States of America.
It maintains personal information as part of its operational functions.
Specific details about its core products, services, or markets served are not disclosed in the available source material.
The organization is recognized by its official name in public filings and breach notifications.
Its organizational structure is described as a distinct entity without further ownership details in the provided sources.
On May 31, 2023, AlohaCare experienced a cybersecurity incident involving unauthorized access to its systems.
The breach originated from a zero‑day vulnerability in the MOVEit file transfer tool, a vulnerability that was exploited in a broader campaign affecting many organizations worldwide.
Through this vulnerability, threat actors obtained names, residential addresses, dates of birth, and Social Security numbers.
Approximately 12,982 individuals had their personal data exposed in the incident.
Among those affected, 21 residents of the state of Maine were specifically identified.
The compromised data set is typical of information collected for administrative and identification purposes.
The incident was reported to state authorities, including the Maine Attorney General’s office and the California Attorney General’s office.
Following the discovery, AlohaCare engaged cybersecurity experts to conduct a thorough investigation of the breach.
As a result of the investigation, the organization implemented enhanced security measures to strengthen its defenses against similar threats.
To assist impacted individuals, AlohaCare offered twelve months of complimentary credit monitoring services.
The complimentary package also included dark web surveillance and identity protection assistance.
Additionally, affected individuals were provided with a one‑million‑dollar insurance policy through TransUnion’s Identity Force program.
These remedial actions were communicated to the public via consumer notification letters distributed in Maine and California.
The organization’s response aimed to mitigate potential harm and restore confidence in its data protection practices.
