Millions of customers affected by WebTPA data breach

Data Breach
Image Credit: Shutterstock (Image credit: Shutterstock)

We now know exactly how many people are affected by the WebTPA data breach that was discovered late last year - 2,429,175.

The hackers who infiltrated WebTPA’s infrastructure stole people’s full names, contact information, birth dates (and death dates, where applicable), Social Security Numbers (SSN), and insurance information - a treasure trove of valuable data that can be abused in identity theft, social engineering attacks, phishing, and more. 

The company confirmed the news in a short announcement published on the company’s website, BleepingComputer reported, adding that financial account information, credit card numbers, medical treatment, and diagnostic information have not been exposed.

Defending the premises

WebTPA is a third-party administrator (TPA) that provides administrative services for health plans and insurance companies. The company manages different functions for the plans, such as processing claims, managing enrollment, handling customer service, and providing reporting and analytics. Some of the impacted people, the publication further explained, are customers at large insurance companies such as The Hartford, Transamerica, and Gerber Life Insurance.

The company is a subsidiary of GuideWell Mutual Holding Corporation, and earns more than $100 million in revenue a year. It has more than 18,000 employees. 

The data breach happened on April 18, 2023, with unidentified threat actors lurking on the company’s IT infrastructure until April 23 of the same year. During that time, they exfiltrated the sensitive data and disappeared. Roughly half a year later, on December 28, the company found evidence of data tampering and launched an investigation.

“The investigation concluded that the unauthorized actor may have obtained personal information between April 18 and April 23, 2023,” WebTPA said.

Affected customers were notified in early May this year, and were offered two years of free credit and identity theft monitoring, as well as fraud consultation, through Kroll. So far, there is no evidence of the data being misused anywhere.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.