DETROIT – Michigan’s Attorney General Dana Nessel and the Department of Insurance and Financial Services Director Anita G. Fox are urging Michigan residents affected by a data breach to safeguard their information that may have been compromised.
The information breached was sustained by the Detroit-based company, Wolverine Solutions Group. Customers that could be affected include customers of Blue Cross Blue Shield of Michigan, Health Alliance Plan, McLaren Health Care, Three Rivers Health, and North Ottawa Community Health System.
Exposed information include; names, addresses, dates of birth, social security numbers, insurance contract information and numbers, phone numbers, and medical information. Wolverine Solutions Group says it does not believe personal information was extracted.
Auxiom is a local security company that helps others build rock solid IT networks, to protect against these problems.
We talked with Auxiom’s CEO, Matt Loria, who says these data breaches have become a regular occurrence nowadays. He says in a ransomware attack, hackers get into the server and lock down files with an encryption, holding them for ransom. In order for the company to get them back, the company has to pay those hackers.
You may be confused to get the letter, if you don’t recognize Wolverine’s name. Typically, large companies outsource certain things to smaller vendors.
Many data breaches occur through smaller venders, says Loria.
“If you have large companies, like Blue Cross Blue Shield…typically they will have very strong security protocols in place to try and thwart these types of things off before they happen. The smaller companies they work with typically don’t have all the same protections in place,” Loria said.
Loria says freezing your credit is important in times like this. Freezing your credit will lock hackers out of your information. They can’t access those records to impersonate you. If you are about to buy a home or lease a car, then you’ll have to unfreeze your credit, but it’s worth it to do so.
Monitoring your credit through a service is helpful as well. “Your credit is like your health, you’re the only one who cares about it,” said Loria.
Wolverine is offering two levels of identity protection for those affected by the breach. The company is reaching out to impacted individuals by mail. If you receive a letter, read it and consider enrolling in the free credit monitoring service that’s offered in the letter.
Take these steps, outlined by the Attorney General’s office, if your information was stolen:
• Find out what information was compromised.
• Pull your free credit report at annualcreditreport.com or by calling 877-322-8228.
• Put a fraud alert on your credit file. The Federal Trade Commission provides a checklist for this.
• Consider a security freeze on your credit file.
• Take advantage of any free services being offered as a result of the breach.
• Use two-factor authentication on your online accounts whenever it’s available.
For more information on what to do during a data breach, review the Michigan Attorney General’s consumer alert on data breaches. A toll-free information hotline is being provided by the company to answer consumer questions at 877-412-7152.
Loria added that everything is a chain from the small business vendors to the bigger companies.
“Any bit of information along that chain can get stolen. What we have to somehow make happen better (and many larger companies have done this), push compliancy down to smaller vendors and say if you want to do business, you have to have this type of security," said Loria.
"What we can do as consumers is try to push on those companies and say, ‘We want to make sure our data safe. How are you making sure all of your vendors are doing the right thing?’”