On June 18, 2024, Kairos Health Arizona notified the Attorney General of Montana about a data breach that compromised some members’ personal information. The breach occurred when an unauthorized third party accessed sensitive consumer data, including names, insurance identification numbers, claims and coverage information, and health details. Following the incident, Kairos began sending data breach notification letters to those affected.
The breach was traced to a former third-party vendor who accessed Kairos’s IT network without permission. The investigation revealed that the vendor downloaded a limited amount of data from a Kairos database between November 2, 2023, and March 29, 2024. This unauthorized access led to the exposure of confidential consumer files.
Kairos Health Arizona reviewed the compromised files to assess the impact and determine which consumers were affected. The leaked information varied but included critical personal and insurance details. Kairos is working to address the breach and mitigate any potential risks to affected individuals.
Kairos Health Arizona is an employee benefits pool serving public entities in Arizona, such as school districts and municipalities. With more than 25 employees and approximately $5 million in annual revenue, the company offers plans and administrative services to small employers and self-employed individuals. The breach underscores the need for robust cybersecurity measures to protect sensitive information.
Reference:
