Enterprotect

SAIF Data Breach: Oregon's Leading Workers' Compensation Provider Experiences Security Incident

Exploit: Data Breach
Company: SAIF Corporation
Industry: Oregon Workers' Compensation Insurance and Benefits
Sources: https://www.oregonlive.com/business/2023/01/saif-says-data-breach-may-have-compromised-social-security-numbers-medical-information.html | https://www.jdsupra.com/legalnews/saif-corporation-notifies-workers-9551853/

SAIF, a not-for-profit organization that serves as Oregon’s leading provider of workers’ compensation coverage, has experienced a data breach. The organization maintains that some of the information was at least two decades old, but some who filed claims in September and October may have had medical information compromised. SAIF has notified impacted parties by mail and offered them free ID theft and monitoring service for a year.

SAIF said its breach occurred on October 24, 2022, and it notified customers on December 8, 2022. The organization stated that it is aware of no lingering threat or other illicit activity on its network and is committed to further enhancing its cybersecurity defenses moving forward.

Cyberattacks have become increasingly common among all kinds of businesses, nonprofits, and government agencies as hackers seek to sell personal data online or hold it in exchange for a ransom. In recent years, prominent Northwest brands including Burgerville, McMenamins, Yoshida Foods, Bob’s Red Mill, Ruby Receptionists, and The Allison Inn & Spa have all been hit.

SAIF said it has been unable to determine how many people the breach affected. However, subsequent analysis determined that most claimant and policyholder data was from before 2003, according to SAIF. Hackers may have accessed policyholders’ Social Security numbers, bank account numbers, and medical information. The thieves may have accessed claimants’ Social Security numbers, driver’s license numbers, bank account numbers, health insurance policy numbers, and medical history.

SAIF said the cyberattack may have accessed claims filed between September 24 and October 25 last year. The organization said thieves could only have accessed accepted and denied medical conditions. However, SAIF also said “there was a portion of the acquired customer data that we weren’t able to identify, nor were we able to identify the type of information that was possibly included.”

In light of this incident, it is important for all businesses, nonprofits, and government agencies to review and strengthen their cybersecurity defenses. This includes regularly updating software, training employees on security protocols, and implementing multi-factor authentication. It is also crucial for organizations to have a plan in place for responding to a security incident, including notification and assistance for affected individuals.

As a policyholder of SAIF or any other organization, it is also important to be vigilant and monitor your personal information for any suspicious activity. Take advantage of any free credit monitoring or identity theft protection services offered, and consider placing a credit freeze on your account.

SAIF's commitment to enhancing its cybersecurity defenses and offering assistance to affected individuals is a step in the right direction. However, it is important for all organizations to learn from this incident and take the necessary measures to protect their customers' personal information.