The Missouri Department of Conservation said sensitive personal data has been exposed after an unauthorized party gained access to one of the department’s servers earlier this year.
The breach was first discovered in February when the department’s cybersecurity team detected suspicious activity. The department said it immediately activated its Incident Response Team to assess the scope of the breach and initially found no evidence that protected health information had been accessed.
However, further analysis of the department in April revealed that files containing protected health information were among those affected. MDC said the breach could affect both current and former beneficiaries of its employee health benefits plan.
The compromised data may include names, addresses, birth dates, phone numbers and emails, as well as health benefits enrollment details and potentially Social Security numbers, driver’s license numbers or state IDs.
The department said it is working alongside law enforcement and third-party cybersecurity experts to continue the investigation and protect its systems.
The department is recommending affected individuals closely monitor their financial accounts, credit reports and medical statements for any unfamiliar activity. It also recommends contacting law enforcement if any fraud is suspected.
As part of its response, the department said it will offer complimentary credit monitoring services to those who may have been affected. It said written notifications are being sent to affected individuals, and substitute notifications are posted on its website for those with incomplete contact records.
The department said it regrets any inconvenience or concern the breach has caused and that additional cybersecurity measures have been implemented to prevent future incidents.
To report an error or typo, email news@komu.com.
