Dental Health Services, a dental health plan provider operating in California, Oregon, and Washington, has notified certain plan members about a data breach incident. On February 7, 2024, an error resulted in monthly invoices containing protected health information (PHI) being mistakenly emailed to certain employer group customers.
While the invoices were encrypted and password protected, the email recipients were inadvertently sent the encryption password in a separate email, allowing access to the invoices. The exposed information included members’ names, dates of birth, member identification numbers, eligibility dates, plan types, and premium amounts due.
Dental Health Services has confirmed that all recipients of the emails have deleted the incorrectly disclosed invoices. Despite this assurance and the encrypted nature of the emails, there is still concern over the potential misuse of the exposed data.
Reference:
