“We are aware of no lingering threat or other illicit activity on our network. We sincerely apologize for any inconvenience this may cause and are committed to further enhancing our cybersecurity defenses moving forward,” SAIF spokesperson Lauren Casler said in a written statement.
The insurer posted additional information about the breach online and offered free ID theft and monitoring service for at least 12 months. SAIF said it has been unable to determine how many people the breach affected.
Established by the Oregon Legislature more than a century ago, SAIF is a not-for-profit organization that serves as the state’s leading provider of workers compensation coverage. It has more than 54,000 policyholders, according to its 2021 annual report.
Cyberattacks have become increasingly common among all kinds of businesses, nonprofits and government agencies as hackers seek to sell personal data online or hold it in exchange for a ransom.
In recent years, prominent Northwest brands including Burgerville, McMenamins, Yoshida Foods, Bob’s Red Mill, Ruby Receptionists and The Allison Inn & Spa have all been hit.
SAIF said its breach occurred Oct. 24 and it notified customers Dec. 8. The insurer said it hired outside security experts to help manage the incident, contacted law enforcement and has no evidence that hackers have misused the data.
Subsequent analysis determined that most claimant and policyholder data was from prior to 2003, according to SAIF.
Hackers may have accessed policyholders’ Social Security numbers, bank account numbers and medical information, the insurer said. The thieves may have accessed claimants’ Social Security numbers, driver’s license numbers, bank account numbers, health insurance policy numbers and medical history.
SAIF said the cyberattack may have accessed claims filed between Sept. 24 and Oct. 25 last year. The organization said thieves could only have accessed accepted and denied medical conditions.
However, SAIF also said “there was a portion of the acquired customer data that we weren’t able to identify, nor were we able to identify the type of information that was possibly included.”
© 2023 Advance Local Media LLC. Distributed by Tribune Content Agency, LLC.