Aug 15, 2023 - Health

MOVEit data breach hits 134,000 Bay Staters

Steph Solis

Illustration of a computer wearing a bandit's mask. — Illustration: Aïda Amer/Axios

Some 134,000 Massachusetts residents may have had their personal information stolen in a data breach involving a widely used file-transfer software, state officials and UMass Chan Medical School say.

Driving the news: Hackers targeted recent or current recipients of MassHealth, state cash benefits, Aging Services Access Points services and other resources, officials said in a news release.

UMass Chan started notifying those affected Tuesday and says neither its nor the state's systems were compromised in the incident.

The big picture: Millions of Americans have had their health information stolen thanks to a security flaw in the MOVEit file-transfer software IBM used.

The Colorado Department of Health Care Policy and Financing, which runs the state's Medicaid program, was also affected.

Zoom in: In Massachusetts, the breach exposed people's dates of birth, mailing addresses, Social Security numbers, medical details and financial account information.

Be smart: UMass Chan is offering free credit monitoring and identity theft protection services to those whose Social Security numbers or financial information was exposed.

Pro tip: The state and the hospital set up an information hotline for the breach, running 9am-5pm on weekdays at 855-862-7769.

Editor's note: This story has been updated to note when the hospital began notifying those affected by the breach.

Add Axios on Google

MOVEit data breach hits 134,000 Bay Staters

More Boston stories