Some security incidents remain unnoticed for so long that it becomes difficult to assess the extent of damages done as a consequence. One such breach has surfaced online recently by Dominion National – ‘an insurer and administrator of dental and vision benefits’. As revealed, the Dominion National data breach lasted for about a decade as it remained unnoticed until recently.
Dominion National Data Breach
According to a security notice shared by the firm, Dominion National – a dental and vision benefits administrator and insurer – suffered a security breach. Ironically, the breach remained unnoticed and continued for about a decade.
The Dominion National data breach hit the firm back in August 2010. The firm noticed the unauthorized access on their systems on April 24, 2019.
Consequently, the incident affected the detailed personal information of members, and in some cases, some financial data as well. Regarding the members potentially affected during the incident, Dominion National stated,
We have… determined that the data may include enrollment and demographic information for current and former members of Dominion National and Avalon vision, and current and former members of plans we provide administrative services for. In addition, the data may include personal information for producers who placed Dominion National and Avalon vision policies, and healthcare providers participating in the insurance programs of Dominion National.
Specifically, the breached personal information includes details such as names, email addresses, birth dates, addresses, Social Security numbers, group numbers, member ID, and subscriber numbers. Whereas, for those affectees who enrolled online, the breached information also includes bank account and routing numbers.
As for the producers, the breached data includes names and Social Security numbers. Whereas, the exposed information belonging to the providers include names, birth dates, tax ID numbers, and/or Social Security numbers.
Security Measures Taken
Upon noticing the security breach, Dominion National quickly contained the access on the affected servers. They also reported the data breach to the FBI and continue to cooperate with them for further investigations.
For now, the firm does not believe any potential misuse has occurred from the exposed data.
We have no evidence that any information was in fact accessed, acquired, or misused and we have not received any reports that it was.
Nonetheless, they are offering a two-year credit monitoring and fraud protection service via ID Experts® MyIDCare. Though, they haven’t stated any precise number of individuals affected during this incident. Yet, they have separately notified the affected via emails.
Let us know your thoughts in the comments.