Nearly nine-year security breach at a large vision and dental insurer may have compromised the data of 95,000 Delawareans, or roughly 10 percent of the states population, according to the state's insurance commissioner.
Dominion National, an insurer based in Virginia, discovered in April that servers containing enrollment data, demographic details and personal information of consumers and providers may have been accessed by an unauthorized party. With the assistance of a cybersecurity firm, Dominion National determined that the unauthorized access may have occurred as early as August 25, 2010, according to a company news release.
"Dominion National moved quickly to clean the affected servers," the release said. "Dominion National has no evidence that any information was in fact accessed, acquired, or misused."
The information that was potentially compromised includes names, addresses, Social Security numbers, taxpayer identification numbers, bank account and routing numbers and member ID numbers, among other personal data.
Dominion National began to notify current and former customers of the potential breach on June 21 and is offering two years of free credit monitoring and fraud protection services for all individuals potentially affected by the incident, according to the Delaware Department of Insurance.
The state department has launched its own investigation into the incident, according to commissioner Trinidad Navarro, and a law firm in Philadelphia has announced it is looking into potential claims for victims of the breach.
"The Department of Insurance will determine if appropriate safeguards were in place, and if private consumer information was handled properly," Navarro said in a statement.
In the meantime, Dominion National told the department it has "implemented enhanced monitoring and alerting software" and is providing additional help to customers through a website and incident hotline.