Attorney general will probe whether RIPTA's handling of data breach complied with the law [The Providence Journal] - Insurance News | InsuranceNewsNet

InsuranceNewsNet — Your Industry. One Source.™

Sign in
  • Subscribe
  • About
  • Advertise
  • Contact
Home Now reading Newswires
Topics
    • Life Insurance News
    • Annuity News
    • Health/Employee Benefits
    • Property and Casualty
    • Advisor News
    • Washington Wire
    • Regulation News
    • Sponsored Articles
    • Monthly Focus
  • Exclusives
  • NewsWires
  • Magazine
  • Webinars
  • Free Newsletters
Sign in or register to be an INNsider.
  • INN Exclusives
  • Life Insurance News
  • Annuity News
  • Health/Employee Benefits
  • Property and Casualty
  • AdvisorNews
  • Washington Wire
  • Regulation News
  • Sponsored Articles
  • Monthly Focus
  • INN Exclusives
  • NewsWires
  • Magazine
  • Webinars
  • Free Newsletters
  • Insider Pro
  • About
  • Advertise
  • Editorial Staff
  • Contact
  • Newsletters

Get Social

  • Facebook
  • Twitter
  • LinkedIn
Newswires
Newswires RSS Get our newsletter
Order Prints
December 29, 2021 Newswires No comments
Share
Share
Tweet
Email

Attorney general will probe whether RIPTA's handling of data breach complied with the law [The Providence Journal]

Providence Journal (RI)

The Rhode Island Attorney General's office is probing the Rhode Island Public Transit Authority's handling of a data breach that's affecting thousands of past and present state employees.

Kristy dosReis, a spokeswoman for Attorney General Peter Neronha, said the office was "reviewing this incident to determine whether the entities involved have complied with state laws regarding notification and safeguarding of personal information in their custody."

The attorney general's office was notified about the breach on December 23rd, dosReis said, and has been receiving a "high call volume stemming from the ongoing situation."

Data breach: More than 5,000 people affected by security breach of RIPTA health plan.

More than 17,000 people in Rhode Island were affected by an August breach of RIPTA's computer network, according to letters that victims received this week. Many of the individuals who had their personal data stolen had never worked for RIPTA or interacted with the transit agency, raising the question of why their information was on RIPTA's network.

Rep. Edith Ajello, D-Providence, told The Providence Journal that she was among the victims of the breach, and similarly wondered how RIPTA had obtained her information.

"I haven't been on a bus for almost a decade," she said.

Ajello said she sought an explanation and was told that UnitedHealthcare had been sending bills for all state employees' health claims to RIPTA — leaving it up to the transit agency to sort out which of those claims came from RIPTA employees.

UnitedHealthcare administered the health plan for state employees prior to 2020. The company did not respond to inquiries by press time.

RIPTA senior executive Courtney Marciano previously told The Journal that the data that hackers obtained had been sent to the transit agency by a "previous health insurance provider."

More: Hacker hit RIPTA. Here's why over 17,000 state employees discovered their data was stolen

She did not answer additional inquiries about who that provider was, or whether the information provided to Ajello was correct.

RIPTA has not explained why files that contained state employees' personal information — including names, addresses, dates of birth, Social Security numbers, health plan numbers, and the dates and amounts of health claims — were not deleted or destroyed.

RIPTA's handling of the breach has led to widespread confusion. Many current and former state employees were baffled when they received letters earlier this week, alerting them that their data had been stolen.

Many had never worked for RIPTA, or had any other interaction with the public transportation agency. The letters did not say that the breach had also affected employees in other branches of government, or explain why RIPTA had those employees' personal data in the first place.

Several state employees who contacted The Journal said they and their coworkers had initially assumed the letter was a scam, because it listed a processing center in Portland, Oregon, as a return address.

In an apparent effort to quell the confusion, Director of Administration James E. Thorsen sent out an email to state employees on Tuesday, confirming that RIPTA had been "the target of a recent security incident that involved the personal information of beneficiaries of the State of Rhode Island's health plans."

Thorsen also included an additional piece of information about the breach: The files that were stolen pertained to "health plan billing from about 2013 through 2015."

Rhode Island's Identity Theft Protection Act of 2015 gives government agencies 45 days to notify affected individuals about a data breach. That notification process can be delayed if it would "impede a criminal investigation," but only if requested by a federal, state, or local law enforcement agency.

But state employees affected by the RIPTA breach were in the dark until they received letters in the mail this week — stating that RIPTA had learned Oct. 28 that the hackers stole files that contained their personal information.

Those letters were dated and postmarked Dec. 21, nearly two months later. The breach itself took place at the beginning of August.

RIPTA did not respond to an inquiry about whether the delayed notification might have violated the law.

The Identity Theft Protection Act also states that agencies "shall not retain personal information for a period longer than is reasonably required" unless other laws or retention policies state otherwise.

The law carries penalties of $100 for "reckless" violations, or $200 for "knowing and willful" violations, which could add up to a fine in the millions.

©2021 www.providencejournal.com. Visit providencejournal.com. Distributed by Tribune Content Agency, LLC.

Older

No-Fault Auto Insurance Reform Devastates Local Residents

Newer

Assurely and Great American Insurance Group’s Executive Liability Division Begin Relationship Towards a New Era of Insurance

Advisor News

  • Americans face a new retirement reality, Allianz Life says
  • Long Island man gets 41 months in prison for massive Ponzi scheme
  • Credit Suisse owes millions to Georgia's billionaire ex-prime minister, court says
  • Study: insufficient retirement savings could add $1.3 trillion government burden
  • Your Financial Future: Take care in making retirement decisions
More Advisor News

Annuity News

  • Indexed, MYGA annuities set Q1 sales record, says Wink
  • Global Atlantic announces $19.2 billion reinsurance agreement with MetLife
  • Prudential Financial to reinsure $10B block of traditional VAs with Constellation affiliate
  • Income tops annuity buyers’ reasons for purchase, study says
  • Annuity sellers jockey for position in a record-breaking 1Q, LIMRA reports
Sponsor
More Annuity News

Health/Employee Benefits News

  • Jury convicts Ohio business owner in healthcare fraud, charitable scheme
  • Majority of Medicaid recipients will transition to employer coverage, study shows
  • Workplace benefits still strong despite inflation, looming recession
  • Workplace benefits still strong despite inflation, looming recession
  • NU moving health insurance plans back to Blue Cross
More Health/Employee Benefits News

Life Insurance News

  • Pan-American Life acquires Encova’s life insurance affiliate
  • Tennessee regulators search for Southland policyholders after liquidation
  • Next wave of life expectancy gains is on the horizon, says Swiss Re report
  • Nationwide adjusters make 6 demands to rectify overwork concerns
  • John Hancock announces collaboration with ŌURA
More Life Insurance News

- Presented By -

Top Read Stories

  • Former head of Arkansas State Medical Board raided by Drug Enforcement Administration
  • Tennessee regulators search for Southland policyholders after liquidation
  • Va. Gov. Youngkin: Auto Parts Manufacturer to Expand in Virginia
  • ‘Annuity King’ asks Florida judge to acquit fraud conviction, grant new trial
  • Senator Schmitt and Congressman Alford Send Letter to Treasury Department to Protect Whiteman Air Force Base
More Top Read Stories >

Press Releases

  • Insurity Event Response Guide: P&C Insurers Can Dramatically Reduce Time Spent on Event Response with Intuitive, Proactive Data Analysis
  • Shae Lucabaugh Joins TBX® as Senior Director of Operations
  • Insurity to Provide Sure Claims Payments as a Standalone Offering, Allowing Insurers to Go Live with the Cloud-Based Solution in Just 4 Weeks
  • Insurity and VIPR Solutions Unite for Seamless, Automated Program Management
  • National Western Life introduces new 10-year Fixed Indexed Annuity with an optional Guaranteed Minimum Death Benefit Rider
More Press Releases > Add Your Press Release >

How to Write For InsuranceNewsNet

Find out how you can submit content for publishing on our website.
View Guidelines

Topics

  • Life Insurance News
  • Annuity News
  • Health/Employee Benefits
  • Property and Casualty
  • Advisor News
  • Washington Wire
  • Regulation News
  • Sponsored Articles
  • Monthly Focus

Top Sections

  • Life Insurance News
  • Annuity News
  • Health/Employee Benefits News
  • Property and Casualty News
  • AdvisorNews
  • Washington Wire
  • Insurance Webinars

Our Company

  • About
  • Editorial Staff
  • Magazine
  • Write for INN
  • Advertise
  • Contact

Sign up for our FREE e-Newsletter!

Get breaking news, exclusive stories, and money- making insights straight into your inbox.

select Newsletter Options
Facebook Linkedin Twitter
© 2023 InsuranceNewsNet.com, Inc. All rights reserved.
  • Terms & Conditions
  • Privacy Policy
  • AdvisorNews

Sign in with your Insider Pro Account

Not registered? Become an Insider Pro.
Insurance News | InsuranceNewsNet