Member NoticeOctober 23, 2023
On August 2, 2023 we learned that NASCO, a claims administration services vendor experienced a data security incident in which an unauthorized third party accessed the data of multiple NASCO customers. This occurred within a third party MOVEit application to securely exchange files. After discovering the incident on July 12, 2023, NASCO determined that on May 30, 2023, the attack resulted in the unauthorized third party acquiring certain files that contained personal information.
Upon discovering the incident, NASCO immediately took steps to secure its systems, launched an investigation conducted by an experienced outside law firm and a leading cybersecurity firm, and notified law enforcement authorities. As part of its investigation, NASCO analyzed the impacted data to determine whether any individual’s personal information was subject to unauthorized access or acquisition. Further investigation was required to identify our impacted members.
Most impacted individuals have received direct notice of this event, but we were unable to contact a limited number of individuals and are providing this substitute notice.
For individuals affected by this incident, the categories of impacted personal information may include, among other things: Subscriber ID (in some cases ID contained SSN+0000), claim number, group number, group name, patient account number, provider name, procedure code, claim charges and dates of service.
To learn more please visit, https://www.nasco.com/datasecurity/
If you have additional questions, please call Experian’s customer care team, toll-free call center at 1-855-873-7643 Monday through Friday between 9:00 a.m. and 11:00 p.m. and Saturday and Sunday between 11:00 am and 8:00 pm Eastern Time, excluding major U.S. holidays.