Breach exposes information of 200,000+ Hoosier Medicaid members

The personal health information of more than 200,000 Hoosiers on Medicaid may have been exposed in a global software breach in late May, the Indiana Family and Social Services Administration (FSSA) announced Friday.

That includes the names, addresses, Social Security numbers, dates of birth, gender, medical conditions, diagnoses, medications, allergies, health conditions, member IDs and plan names of 212,193 Medicaid recipients utilizing Indiana's services.

Those affected are part of a managed care plan provided by Ohio-based CareSource.

A file transfer software the company was using, called MOVEit, was breached briefly in late May.

CareSource "immediately remediated the breach" and notified FSSA, according to the agency. And the company is contacting those affected with information and credit monitoring options.

It's part of the same MOVEit hack that, in August, the agency said exposed the names, addresses, case numbers and Medicaid numbers of more than 744,000 Hoosiers on Medicaid. Just four people's social security numbers were accessed, however.

In that case, the software was being used by Indiana's health coverage programs enrollment broker, Maximus Health Services.

The breach has impacted an estimated 1,000 organizations and 60 million people worldwide, according to TechCrunch.