Health Care Service Corporation Company CyberSecurity Posture
hcsc.com
Health Care Service Corporation serves nearly 23 million people across the United States through its portfolio of health benefit solutions. HCSC provides health coverage options for employers large and small, individuals and families, and Medicare and Medicaid plans. HCSC also offers related health care products and services such as pharmacy solutions, life and dental insurance, and health data technology. A Mutual Legal Reserve Company, HCSC is an independent licensee of the Blue Cross Blue Shield Association. For nearly a century, we have enabled and coordinated the access to quality care for millions of members. Our experience and industry knowledge establishes a solid foundation for our future—driving innovations that further expand access, improve health outcomes, and reduce costs. Embedded within the fabric of how we operate is a deep sense of caring and commitment that informs how we serve our members, engage in local communities, and deliver positive change to the health care industry. As health care needs evolve, we leverage our portfolio of companies to deliver differentiated value to all industry stakeholders so that, together, we make more possible. Join HCSC and discover what new ways of thinking can mean for you, your community, our customers and our organization: HCSC.com/careers. We are an Equal Opportunity Employment / Affirmative Action employer dedicated to an inclusive, drug-free and smoke-free workplace. Drug screening and background investigation are required, as allowed by law. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability, or protected veteran status.
Company Details
blue-cross-and-blue-shield-of-illinois-new-mexico-oklahoma-&-texas
18,916
146,444
62
hcsc.com
0
HEA_2524258
In-progress
HCSC Risk Score (AI oriented)Between 750 and 799
HCSC Global Score (TPRM)XXXX
Description: A third-party data breach involving **Conduent**, a business services provider for BCBSMT, exposed sensitive personal and medical data of up to **462,000 Montanans** between **November 8, 2024, and March 5, 2025**. Compromised information includes **names, addresses, birth dates, phone numbers, billing details, and medical records**. While BCBSMT’s internal systems remained unaffected, the breach was described as having **‘far-reaching and jaw-dropping consequences’** by Montana’s State Auditor, James Brown. The exposed data was exfiltrated by a **‘threat actor’** but, per Conduent, has not been publicly leaked or sold on the dark web. BCBSMT claimed to offer **credit monitoring** to affected customers, though regulators reported delays in notifications. The incident prompted a **full-scale state investigation**, new cybersecurity initiatives, and a public awareness campaign to mitigate identity theft risks. Authorities emphasized **accountability, transparency, and legal action** against responsible parties.
Description: Blue Cross Blue Shield of Montana (BCBSMT), the largest health insurer in Montana, experienced a **cybersecurity incident** where an **unauthorized user accessed membership data**, compromising the **personally identifiable information (PII) of 462,000 individuals**. The exposed data included **names, addresses, dates of birth, telephone/fax numbers, email addresses, medical record numbers, health plan beneficiary numbers, account numbers, billing information, and service dates**. The breach exposed **sensitive medical and financial details**, raising concerns over identity theft, fraud, and misuse of health records. A **national class-action law firm (Lynch Carpenter, LLP)** is investigating potential claims for compensation, indicating significant legal and reputational repercussions. The incident highlights vulnerabilities in **healthcare data security**, with long-term risks for affected individuals, including financial fraud and privacy violations.
Description: A massive data breach at **Blue Cross-Blue Shield of Montana**, the state’s largest health insurer, exposed the sensitive personal and healthcare data of **462,000 customers**—nearly one-third of Montana’s population. The breach, caused by a **third-party vendor (Conduent)**, lasted from **October 2024 to January 2025** but was only disclosed in **October 2025**, nearly a year after discovery. Compromised data included **birth dates, Social Security numbers, and health condition records**, highly targeted by cybercriminals for identity theft, fraud, and dark web sales. Victims face risks of **medical identity theft (average cost: $20,000 per incident)**, lost healthcare coverage, increased premiums, and long-term financial harm. The company failed to encrypt data, delete obsolete records, or notify affected individuals promptly, violating Montana’s breach disclosure laws. A **class-action lawsuit** alleges negligence, breach of contract, and violations of consumer protection laws, seeking damages, security reforms, and a decade of third-party monitoring. The breach has already led to **spam, fraud calls, and identity theft cases**, with victims unable to mitigate risks due to delayed alerts.
Description: Blue Cross Blue Shield of Montana (BCBSMT) suffered a large-scale data breach via a third-party vendor, **Conduent**, between late 2024 and early 2025. The incident compromised the **personal and medical information** of **462,000 Montanans**—nearly **one-third of the state’s population**. Exposed data included **names, addresses, birth dates, billing and medical records, phone numbers, and other sensitive details**. The breach triggered an investigation by Montana’s **State Auditor and Insurance Commissioner**, James Brown, who criticized BCBSMT for delays in notification and transparency. The fallout led to regulatory scrutiny, potential enforcement actions, and a public awareness campaign urging affected residents to monitor financial and insurance statements for fraud. BCBSMT’s response remains under legal constraint, with the company declining to comment on pending litigation. The breach’s scale and sensitivity of leaked data—spanning **health and financial records**—pose severe risks of **identity theft, medical fraud, and long-term reputational damage** to both BCBSMT and the impacted individuals. Montana’s government deployed an **AI assistant** to manage the surge in consumer inquiries, highlighting the breach’s systemic impact on state-level cybersecurity and regulatory frameworks.
Description: Blue Cross Blue Shield of Montana (BCBSMT) is currently under investigation following a **major data breach** that exposed the **personal and medical information of up to 462,000 customers** in the state. The breach originated from a **third-party vendor, Conduent**, which experienced a **cyber incident** compromising BCBSMT member data. While BCBSMT confirmed its own systems remained unaffected, the incident has raised significant concerns over **customer privacy and data security**. The Montana State Auditor’s office is actively probing the breach, emphasizing the **potential misuse of sensitive health and personal records**, which could lead to **identity theft, financial fraud, or targeted phishing attacks**. The scale of the breach—affecting nearly half a million individuals—highlights systemic vulnerabilities in **third-party vendor security protocols**, particularly in the healthcare sector. Customers impacted may face long-term risks, including **unauthorized access to medical histories, insurance fraud, or reputational harm** to BCBSMT due to eroded trust. The breach underscores the **critical need for robust cybersecurity measures**, especially when handling **highly sensitive health data**, and may prompt regulatory scrutiny or legal repercussions for both BCBSMT and Conduent.
Description: Montana Blue Cross-Blue Shield (Montana BCBS), the largest insurance carrier in Montana, experienced a severe data breach through one of its vendors. The breach lasted several months and was discovered in February but only reported to the Montana Commissioner of Securities and Insurance in October. It exposed the **financial information and medical records** of over **460,000 Montanans**, including sensitive health and personal data. The breach posed significant risks of identity theft, financial fraud, and unauthorized access to private health records. In response, the Commissioner’s office deployed an AI-powered tool to assist affected residents in safeguarding their data, freezing credit, and monitoring for identity theft. A class-action lawsuit has also been filed by impacted residents. The breach involved a third-party vendor, highlighting vulnerabilities in supply chain security and the potential for large-scale exposure of highly sensitive personal and health data.
No incidents recorded for Health Care Service Corporation in 2025.
No incidents recorded for Health Care Service Corporation in 2025.
No incidents recorded for Health Care Service Corporation in 2025.
HCSC cyber incidents detection timeline including parent company and subsidiaries
Health Care Service Corporation serves nearly 23 million people across the United States through its portfolio of health benefit solutions. HCSC provides health coverage options for employers large and small, individuals and families, and Medicare and Medicaid plans. HCSC also offers related health care products and services such as pharmacy solutions, life and dental insurance, and health data technology. A Mutual Legal Reserve Company, HCSC is an independent licensee of the Blue Cross Blue Shield Association. For nearly a century, we have enabled and coordinated the access to quality care for millions of members. Our experience and industry knowledge establishes a solid foundation for our future—driving innovations that further expand access, improve health outcomes, and reduce costs. Embedded within the fabric of how we operate is a deep sense of caring and commitment that informs how we serve our members, engage in local communities, and deliver positive change to the health care industry. As health care needs evolve, we leverage our portfolio of companies to deliver differentiated value to all industry stakeholders so that, together, we make more possible. Join HCSC and discover what new ways of thinking can mean for you, your community, our customers and our organization: HCSC.com/careers. We are an Equal Opportunity Employment / Affirmative Action employer dedicated to an inclusive, drug-free and smoke-free workplace. Drug screening and background investigation are required, as allowed by law. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability, or protected veteran status.
We are Inova, Northern Virginia and the Washington, D.C. metropolitan area’s leading nonprofit healthcare provider. With expertise and compassion, we partner with our patients to help them stay healthy. We treat illness, heal injury and look at a patient’s whole health to help them flourish. Through
UPMC is a world-renowned, nonprofit health care provider and insurer committed to delivering exceptional, people-centered care and community services. Headquartered in Pittsburgh and affiliated with the University of Pittsburgh Schools of the Health Sciences, UPMC is shaping the future of health thr
When it comes to your health, everything matters. That’s why UnitedHealthcare is helping people live healthier lives and making the health system work better for everyone. Our health plans are there for you in moments big and small, delivering a simple experience, affordable coverage, and supportive
R1 is the leader in healthcare revenue management, helping providers achieve new levels of performance through smart orchestration. A pioneer in the industry, R1 created the first Healthcare Revenue Operating System: a modular, intelligent platform that integrates automation, AI, and human expertise
Leading Private Healthcare Provider in the Middle East With a vision to be the most trusted healthcare provider in medical excellence and patient experience globally, Dr. Sulaiman Al-Habib Medical Group (HMG) has become the largest provider of comprehensive healthcare services in the Middle East. A
Nationwide Children’s is one of America's largest pediatric hospitals, an international leader in research and is ranked in all 10 specialties on U.S. News & World Report’s 2025-26 “America’s Best Children’s Hospitals” list. Our staff, comprised of 1,600 medical professionals and over 16,000 employe
O Ministério da Saúde é o órgão do Poder Executivo Federal responsável pela organização e elaboração de planos e políticas públicas voltados para a promoção, a prevenção e a assistência à saúde dos brasileiros. É função do Ministério dispor de condições para a proteção e recuperação da saúde da pop
Alberta Health Services (AHS) is proud to be part of Canada’s first and largest provincewide, integrated health system, responsible for delivering health services to more than 4.5 million people living in Alberta, as well as occasionally to some residents of other provinces and territories Our skil
Be at the heart of exceptional care. Team MHS Florida is an award-winning group of friends and colleagues at one of the largest not-for-profit health systems in the nation. We're 17,000 strong, advancing towards a brighter future together. We're passionate about the work we do, delivering deep, pe
.png)
The HIPAA Journal has compiled healthcare data breach statistics from October 2009, when the Department of Health and Human Services (HHS)...
Hospitals are increasingly reliant on networked technology to run lifesaving medical equipment and access patient records.
These companies block online threats, assess industry vulnerabilities and increase education and awareness about cybersecurity.
The healthcare sector faces a rapidly increasing range of cybersecurity threats, with ransomware attacks emerging as one of the most significant.
The Senate Health, Education, Labor and Pensions Committee on Wednesday held a hearing on cybersecurity and how to ensure privacy for Americans.
Your organization's resilience is a top priority. With Deloitte's cybersecurity services, you can stay safe from threats while supercharging transformation.
Discover the top 10 tech companies in Albuquerque, NM, revolutionizing industries from AI to aerospace with innovation and employee-focused...
A cybersecurity incident that affected St. Joseph Hospital in Nashua stretched across its parent company's entire organization.
Appointments of Caroline Jessen as Chief People Officer and Keven Sticher as Chief Information Security Officer & VP of Engineering bolster Collective Health's...
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Health Care Service Corporation is http://www.hcsc.com.
According to Rankiteo, Health Care Service Corporation’s AI-generated cybersecurity score is 787, reflecting their Fair security posture.
According to Rankiteo, Health Care Service Corporation currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Health Care Service Corporation is not certified under SOC 2 Type 1.
According to Rankiteo, Health Care Service Corporation does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Health Care Service Corporation is not listed as GDPR compliant.
According to Rankiteo, Health Care Service Corporation does not currently maintain PCI DSS compliance.
According to Rankiteo, Health Care Service Corporation is not compliant with HIPAA regulations.
According to Rankiteo,Health Care Service Corporation is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Health Care Service Corporation operates primarily in the Hospitals and Health Care industry.
Health Care Service Corporation employs approximately 18,916 people worldwide.
Health Care Service Corporation presently has no subsidiaries across any sectors.
Health Care Service Corporation’s official LinkedIn profile has approximately 146,444 followers.
Health Care Service Corporation is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
No, Health Care Service Corporation does not have a profile on Crunchbase.
Yes, Health Care Service Corporation maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/blue-cross-and-blue-shield-of-illinois-new-mexico-oklahoma-&-texas.
As of December 11, 2025, Rankiteo reports that Health Care Service Corporation has experienced 6 cybersecurity incidents.
Health Care Service Corporation has an estimated 30,925 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Total Financial Loss: The total financial loss from these incidents is estimated to be $0.
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with public disclosure via montana state auditor and media, and and third party assistance with cybersecurity data mining experts (conduent), and remediation measures with credit monitoring offered to affected individuals (claimed but not confirmed), and communication strategy with public statements by montana state auditor, communication strategy with social media updates (x), communication strategy with planned customer notifications, and communication strategy with public disclosure via press release (globe newswire) and data breach notifications sent to affected individuals, and incident response plan activated with delayed (notified customers starting 2025-10-24, 9+ months after discovery), and third party assistance with legal firms (graybill law, heenan and cook, paoli law), third party assistance with potential future auditors, and remediation measures with customer notifications (delayed), remediation measures with website breach notice, and communication strategy with limited (no comment on litigation), communication strategy with website notice, communication strategy with delayed customer letters, and and containment measures with breach closed in february 2023, and remediation measures with implementation of ai-powered assistance tool for residents, and recovery measures with ai tool for real-time resident support, recovery measures with website updates with breach information, and communication strategy with public announcement, communication strategy with ai tool for resident guidance, communication strategy with website portal (csimt.gov), and enhanced monitoring with ai tool interactions encrypted and monitored, and and recovery measures with ai-powered assistant for consumer inquiries, recovery measures with public awareness campaign, and communication strategy with urgent questions to bcbsmt/conduent, communication strategy with public statements, communication strategy with ai assistant (csimt.gov), communication strategy with advisories to monitor explanation of benefits..
Title: Blue Cross Blue Shield of Montana Data Breach Investigation
Description: An investigation is underway into Blue Cross Blue Shield of Montana following a major data breach that potentially affects hundreds of thousands of customers. The breach was linked to a third-party vendor, Conduent, and puts the personal and medical information of up to 462,000 Montana customers at risk. Blue Cross systems were not directly impacted.
Type: Data Breach (Third-Party Vendor Incident)
Title: Blue Cross Blue Shield of Montana (BCBSMT) Third-Party Data Breach via Conduent
Description: Montana state officials launched an investigation into a third-party data breach involving Conduent, a business services provider for Blue Cross Blue Shield of Montana (BCBSMT). The breach exposed sensitive personal and medical data of up to 462,000 Montanans between November 8, 2024, and March 5, 2025. The exposed data includes names, addresses, birth dates, phone numbers, billing, and medical information. BCBSMT systems were not directly impacted, but the incident has prompted a full-scale regulatory investigation and new cybersecurity initiatives by the Montana State Auditor’s office.
Date Detected: 2025-01-13
Date Publicly Disclosed: 2025-10-23
Type: data breach
Attack Vector: third-party vendor compromiseexfiltration of client files
Title: Blue Cross Blue Shield of Montana Data Breach
Description: An unauthorized user gained access to membership data of Blue Cross Blue Shield of Montana (BCBSMT), the largest health insurer in Montana. The breach impacted the personal information of 462,000 individuals, exposing personally identifiable information (PII) such as telephone numbers, fax numbers, email addresses, medical record numbers, health plan beneficiary numbers, account numbers, medical/dental service details, billing information, names, addresses, dates of birth, and service dates.
Date Publicly Disclosed: 2025-10-23
Type: Data Breach
Threat Actor: Unauthorized user
Title: Blue Cross-Blue Shield of Montana Data Breach (2024-2025)
Description: A massive data breach at Blue Cross-Blue Shield of Montana, affecting up to 462,000 customers (approximately one-third of Montana's residents), exposed sensitive personal and healthcare information, including birth dates, Social Security numbers, and health condition data. The breach was allegedly caused by a third-party vendor, Conduent, and lasted from October 2024 to January 2025. The company was accused of failing to notify customers promptly (discovered in January 2025 but disclosed in October 2025) and not implementing standard data protection measures like encryption. A class-action lawsuit was filed, alleging negligence, breach of contract, and violations of Montana’s Consumer Protection Act. The breach led to identity theft risks, financial losses, and operational disruptions, with potential costs of $20,000 per victim for medical identity theft resolution.
Date Detected: 2025-01
Date Publicly Disclosed: 2025-10-24
Type: data breach
Attack Vector: third-party vendor (Conduent)unsecured data storagelack of encryption
Vulnerability Exploited: unencrypted sensitive dataimproper data retentionthird-party security gaps
Motivation: financial gain (data sale on dark web)identity theftfraud
Title: Montana Blue Cross-Blue Shield Vendor Data Breach
Description: A data breach at a vendor of Montana Blue Cross-Blue Shield (BCBS) exposed financial and health information of over 460,000 Montanans. The breach lasted several months and was discovered and closed in February 2023, with public disclosure in October 2023. In response, the Montana Commissioner of Securities and Insurance implemented an AI tool to assist affected residents in safeguarding their data and navigating post-breach steps. The breach has also led to a class-action lawsuit by several residents.
Date Detected: 2023-02-01
Date Publicly Disclosed: 2023-10-01
Date Resolved: 2023-02-01
Type: data breach
Title: Blue Cross Blue Shield of Montana (BCBSMT) Data Breach via Third-Party Vendor Conduent
Description: A large-scale data breach at Blue Cross Blue Shield of Montana (BCBSMT) compromised the personal and medical information of nearly one-third of Montana's population (~462,000 individuals). The breach occurred via a third-party vendor, Conduent, between late 2024 and early 2025. Compromised data includes names, addresses, birth dates, billing/medical data, phone numbers, and other sensitive information. Montana State Auditor James Brown launched an investigation, criticizing the notification timeline and deploying an AI-powered assistant to assist affected residents.
Type: data breach
Attack Vector: third-party vendor (Conduent) security breach
Common Attack Types: The most common types of attacks the company has faced is Breach.
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through third-party vendor (Conduent) and third-party vendor (Conduent).
Data Compromised: Personal information, Medical information
Systems Affected: None (Blue Cross systems were not impacted)
Brand Reputation Impact: Potential (due to exposure of sensitive customer data)
Identity Theft Risk: High (462,000 customers potentially affected)
Data Compromised: Names, Addresses, Birth dates, Phone numbers, Billing data, Medical data, Other sensitive information
Systems Affected: Conduent’s environment (limited portion)
Operational Impact: operations disruption (Conduent)regulatory investigationpublic awareness campaign
Brand Reputation Impact: severeeroded consumer trustregulatory scrutiny
Legal Liabilities: potential finesregulatory actionslegal accountability demands
Identity Theft Risk: ['high', 'statewide public awareness campaign launched']
Data Compromised: Telephone numbers, Fax numbers, Email addresses, Medical record numbers, Health plan beneficiary numbers, Account numbers, Medical/dental service details, Billing information, Names, Addresses, Dates of birth, Service dates
Brand Reputation Impact: Potential reputational damage due to exposure of sensitive health and personal data
Legal Liabilities: Lynch Carpenter, LLP is investigating claims for potential compensation; class action lawsuit possible
Identity Theft Risk: High (due to exposure of PII including names, addresses, dates of birth, and medical/financial details)
Payment Information Risk: Moderate (account numbers and billing information exposed)
Data Compromised: Birth dates, Social security numbers, Health condition data, Personally identifiable information (pii)
Systems Affected: third-party vendor systems (Conduent)customer databases
Operational Impact: investigation by Montana Commissioner of Securities and Insuranceclass-action lawsuitcustomer notifications delayed
Customer Complaints: ['spam calls', 'fraud attempts', 'identity theft reports']
Brand Reputation Impact: loss of trustnegative media coveragelegal scrutiny
Legal Liabilities: class-action lawsuit (7 counts: negligence, breach of contract, Montana Consumer Protection Act violations, etc.)potential regulatory fines
Identity Theft Risk: ['high (data sold on dark web for $40–$200 per record)', 'complete dossiers assembled by cybercriminals']
Data Compromised: Financial information, Medical records
Customer Complaints: class-action lawsuit filed
Brand Reputation Impact: high (statewide breach affecting largest insurance carrier)
Legal Liabilities: class-action lawsuit
Identity Theft Risk: high (financial and health data exposed)
Payment Information Risk: high
Data Compromised: Names, Addresses, Birth dates, Billing data, Medical data, Phone numbers, Other sensitive information
Customer Complaints: surge in consumer questions (handled via AI assistant)
Brand Reputation Impact: significant (described as 'deeply disturbing' with 'far-reaching consequences')
Legal Liabilities: potential enforcement actions for untimely notification (investigation ongoing)
Identity Theft Risk: high (residents urged to monitor Explanation of Benefits)
Average Financial Loss: The average financial loss per incident is $0.00.
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Medical Information, , Personally Identifiable Information (Pii), Protected Health Information (Phi), Billing Data, , Personally Identifiable Information (Pii), Protected Health Information (Phi), , Pii (Birth Dates, Ssns), Health Records, Private Healthcare Information, , Financial Information, Medical Records, , Pii (Personally Identifiable Information), Phi (Protected Health Information), Billing Data and .
Entity Name: Blue Cross Blue Shield of Montana
Entity Type: Health Insurance Provider
Industry: Healthcare
Location: Helena, Montana, USA
Customers Affected: 462,000
Entity Name: Conduent (Third-Party Vendor)
Entity Type: Business Process Services
Industry: Outsourcing/IT Services
Entity Name: Blue Cross Blue Shield of Montana (BCBSMT)
Entity Type: health insurer
Industry: healthcare
Location: Montana, USA
Customers Affected: 462,000
Entity Name: Conduent
Entity Type: third-party business services provider
Industry: business process outsourcing
Entity Name: Blue Cross Blue Shield of Montana (BCBSMT)
Entity Type: Health Insurer
Industry: Healthcare
Location: Montana, USA
Size: Large (largest health insurer in Montana)
Customers Affected: 462,000 individuals
Entity Name: Blue Cross-Blue Shield of Montana
Entity Type: health insurance company
Industry: healthcare/insurance
Location: Montana, USA
Size: 462,000 customers (~1/3 of Montana's population)
Customers Affected: 462,000
Entity Name: Conduent (third-party vendor)
Entity Type: vendor/service provider
Industry: business process services
Entity Name: Montana Blue Cross-Blue Shield (BCBS)
Entity Type: health insurance provider
Industry: healthcare/insurance
Location: Montana, USA
Size: largest insurance carrier in Montana
Customers Affected: 460,000+
Entity Name: Unnamed Vendor of Montana BCBS
Entity Type: third-party vendor
Entity Name: Blue Cross Blue Shield of Montana (BCBSMT)
Entity Type: health insurance provider
Industry: healthcare/insurance
Location: Montana, USA
Customers Affected: 462,000 (~1/3 of Montana's population)
Entity Name: Conduent (third-party vendor)
Entity Type: vendor/service provider
Industry: business process services
Communication Strategy: Public disclosure via Montana State Auditor and media
Incident Response Plan Activated: True
Third Party Assistance: Cybersecurity Data Mining Experts (Conduent).
Remediation Measures: credit monitoring offered to affected individuals (claimed but not confirmed)
Communication Strategy: public statements by Montana State Auditorsocial media updates (X)planned customer notifications
Communication Strategy: Public disclosure via press release (GLOBE NEWSWIRE) and data breach notifications sent to affected individuals
Incident Response Plan Activated: delayed (notified customers starting 2025-10-24, 9+ months after discovery)
Third Party Assistance: Legal Firms (Graybill Law, Heenan And Cook, Paoli Law), Potential Future Auditors.
Remediation Measures: customer notifications (delayed)website breach notice
Communication Strategy: limited (no comment on litigation)website noticedelayed customer letters
Incident Response Plan Activated: True
Containment Measures: breach closed in February 2023
Remediation Measures: implementation of AI-powered assistance tool for residents
Recovery Measures: AI tool for real-time resident supportwebsite updates with breach information
Communication Strategy: public announcementAI tool for resident guidancewebsite portal (csimt.gov)
Enhanced Monitoring: AI tool interactions encrypted and monitored
Incident Response Plan Activated: True
Recovery Measures: AI-powered assistant for consumer inquiriespublic awareness campaign
Communication Strategy: urgent questions to BCBSMT/Conduentpublic statementsAI assistant (csimt.gov)advisories to monitor Explanation of Benefits
Incident Response Plan: The company's incident response plan is described as delayed (notified customers starting 2025-10-24, 9+ months after discovery), , .
Third-Party Assistance: The company involves third-party assistance in incident response through cybersecurity data mining experts (Conduent), , legal firms (Graybill Law, Heenan and Cook, Paoli Law), potential future auditors, .
Type of Data Compromised: Personal information, Medical information
Number of Records Exposed: 462,000
Sensitivity of Data: High (includes medical and personal details)
Data Exfiltration: Likely (as data was 'impacted' by the incident)
Personally Identifiable Information: Yes
Type of Data Compromised: Personally identifiable information (pii), Protected health information (phi), Billing data
Number of Records Exposed: 462,000
Sensitivity of Data: high (includes medical and financial data)
Type of Data Compromised: Personally identifiable information (pii), Protected health information (phi)
Number of Records Exposed: 462,000
Sensitivity of Data: High (includes medical, financial, and personal identifiers)
Data Exfiltration: Yes (records were obtained by unauthorized user)
Personally Identifiable Information: namesaddressesdates of birthtelephone numbersfax numbersemail addressesmedical record numbershealth plan beneficiary numbersaccount numbers
Type of Data Compromised: Pii (birth dates, ssns), Health records, Private healthcare information
Number of Records Exposed: 462,000
Sensitivity of Data: high (medical + financial identity theft risk)
Type of Data Compromised: Financial information, Medical records
Number of Records Exposed: 460,000+
Sensitivity of Data: high (financial + health data)
Type of Data Compromised: Pii (personally identifiable information), Phi (protected health information), Billing data
Number of Records Exposed: 462,000
Sensitivity of Data: high (includes medical and billing data)
Personally Identifiable Information: namesaddressesbirth datesphone numbers
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: credit monitoring offered to affected individuals (claimed but not confirmed), , customer notifications (delayed), website breach notice, , implementation of AI-powered assistance tool for residents, .
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by breach closed in february 2023 and .
Data Exfiltration: True
Data Exfiltration: True
Data Exfiltration: True
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through AI tool for real-time resident support, website updates with breach information, , AI-powered assistant for consumer inquiries, public awareness campaign, .
Regulatory Notifications: Montana State Auditor involved in investigation
Legal Actions: full-scale investigation by Montana State Auditor’s office, potential enforcement actions,
Regulatory Notifications: U.S. Securities and Exchange Commission (SEC) filing by Conduent
Legal Actions: Potential class action lawsuit (Lynch Carpenter, LLP investigating claims)
Regulations Violated: Montana Consumer Protection Act, Montana breach notification law (delayed disclosure),
Legal Actions: class-action lawsuit (7 counts), Montana Commissioner of Securities and Insurance investigation,
Regulatory Notifications: Montana Commissioner notified on 2025-10-08
Legal Actions: class-action lawsuit filed by residents,
Regulatory Notifications: Montana Commissioner of Securities and Insurance notified in October 2023
Regulations Violated: potential untimely notification to regulator, potential untimely notification to affected individuals,
Legal Actions: investigation ongoing; potential enforcement authority
Regulatory Notifications: Montana State Auditor's office notifiedaffected individuals notified (timeliness under scrutiny)
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through full-scale investigation by Montana State Auditor’s office, potential enforcement actions, , Potential class action lawsuit (Lynch Carpenter, LLP investigating claims), class-action lawsuit (7 counts), Montana Commissioner of Securities and Insurance investigation, , class-action lawsuit filed by residents, , investigation ongoing; potential enforcement authority.
Lessons Learned: Timely breach notification is critical to mitigate harm., Third-party vendor risks must be proactively managed., Encryption and data retention policies are essential for protecting sensitive data., Delayed responses exacerbate financial and reputational damage.
Lessons Learned: Proactive use of AI tools can enhance post-breach resident support and triage, especially for large-scale incidents with limited staff resources. Ensuring AI tools are isolated from sensitive systems and comply with privacy standards mitigates secondary risks.
Recommendations: Enhance third-party vendor cybersecurity oversight, Implement statewide public awareness campaigns for identity theft prevention, Strengthen regulatory accountability for data breachesEnhance third-party vendor cybersecurity oversight, Implement statewide public awareness campaigns for identity theft prevention, Strengthen regulatory accountability for data breachesEnhance third-party vendor cybersecurity oversight, Implement statewide public awareness campaigns for identity theft prevention, Strengthen regulatory accountability for data breaches
Recommendations: Implement robust encryption for all sensitive data., Conduct regular security audits (internal + third-party)., Enforce strict data retention/deletion policies., Prohibit storing PII on unsecured cloud services., Establish clear breach notification protocols (comply with Montana’s ‘without reasonable delay’ law)., Provide comprehensive staff training on data security., Engage a third-party monitoring firm for 10+ years post-breach., Offer free credit/identity theft monitoring to affected customers.Implement robust encryption for all sensitive data., Conduct regular security audits (internal + third-party)., Enforce strict data retention/deletion policies., Prohibit storing PII on unsecured cloud services., Establish clear breach notification protocols (comply with Montana’s ‘without reasonable delay’ law)., Provide comprehensive staff training on data security., Engage a third-party monitoring firm for 10+ years post-breach., Offer free credit/identity theft monitoring to affected customers.Implement robust encryption for all sensitive data., Conduct regular security audits (internal + third-party)., Enforce strict data retention/deletion policies., Prohibit storing PII on unsecured cloud services., Establish clear breach notification protocols (comply with Montana’s ‘without reasonable delay’ law)., Provide comprehensive staff training on data security., Engage a third-party monitoring firm for 10+ years post-breach., Offer free credit/identity theft monitoring to affected customers.Implement robust encryption for all sensitive data., Conduct regular security audits (internal + third-party)., Enforce strict data retention/deletion policies., Prohibit storing PII on unsecured cloud services., Establish clear breach notification protocols (comply with Montana’s ‘without reasonable delay’ law)., Provide comprehensive staff training on data security., Engage a third-party monitoring firm for 10+ years post-breach., Offer free credit/identity theft monitoring to affected customers.Implement robust encryption for all sensitive data., Conduct regular security audits (internal + third-party)., Enforce strict data retention/deletion policies., Prohibit storing PII on unsecured cloud services., Establish clear breach notification protocols (comply with Montana’s ‘without reasonable delay’ law)., Provide comprehensive staff training on data security., Engage a third-party monitoring firm for 10+ years post-breach., Offer free credit/identity theft monitoring to affected customers.Implement robust encryption for all sensitive data., Conduct regular security audits (internal + third-party)., Enforce strict data retention/deletion policies., Prohibit storing PII on unsecured cloud services., Establish clear breach notification protocols (comply with Montana’s ‘without reasonable delay’ law)., Provide comprehensive staff training on data security., Engage a third-party monitoring firm for 10+ years post-breach., Offer free credit/identity theft monitoring to affected customers.Implement robust encryption for all sensitive data., Conduct regular security audits (internal + third-party)., Enforce strict data retention/deletion policies., Prohibit storing PII on unsecured cloud services., Establish clear breach notification protocols (comply with Montana’s ‘without reasonable delay’ law)., Provide comprehensive staff training on data security., Engage a third-party monitoring firm for 10+ years post-breach., Offer free credit/identity theft monitoring to affected customers.Implement robust encryption for all sensitive data., Conduct regular security audits (internal + third-party)., Enforce strict data retention/deletion policies., Prohibit storing PII on unsecured cloud services., Establish clear breach notification protocols (comply with Montana’s ‘without reasonable delay’ law)., Provide comprehensive staff training on data security., Engage a third-party monitoring firm for 10+ years post-breach., Offer free credit/identity theft monitoring to affected customers.
Recommendations: Implement AI-driven support tools for large-scale breach responses to improve real-time assistance., Ensure third-party vendors adhere to robust cybersecurity standards to prevent supply-chain breaches., Provide clear, accessible guidance for affected individuals on steps like credit freezes and identity theft monitoring., Monitor for patterns in resident inquiries to identify unattended issues post-breach.Implement AI-driven support tools for large-scale breach responses to improve real-time assistance., Ensure third-party vendors adhere to robust cybersecurity standards to prevent supply-chain breaches., Provide clear, accessible guidance for affected individuals on steps like credit freezes and identity theft monitoring., Monitor for patterns in resident inquiries to identify unattended issues post-breach.Implement AI-driven support tools for large-scale breach responses to improve real-time assistance., Ensure third-party vendors adhere to robust cybersecurity standards to prevent supply-chain breaches., Provide clear, accessible guidance for affected individuals on steps like credit freezes and identity theft monitoring., Monitor for patterns in resident inquiries to identify unattended issues post-breach.Implement AI-driven support tools for large-scale breach responses to improve real-time assistance., Ensure third-party vendors adhere to robust cybersecurity standards to prevent supply-chain breaches., Provide clear, accessible guidance for affected individuals on steps like credit freezes and identity theft monitoring., Monitor for patterns in resident inquiries to identify unattended issues post-breach.
Recommendations: Monitor Explanation of Benefits for suspicious activity, Update Montana laws to address AI and cybersecurity gaps (potential 2027 legislative action), Explore AI for regulatory efficiency (e.g., insurance product reviews)Monitor Explanation of Benefits for suspicious activity, Update Montana laws to address AI and cybersecurity gaps (potential 2027 legislative action), Explore AI for regulatory efficiency (e.g., insurance product reviews)Monitor Explanation of Benefits for suspicious activity, Update Montana laws to address AI and cybersecurity gaps (potential 2027 legislative action), Explore AI for regulatory efficiency (e.g., insurance product reviews)
Key Lessons Learned: The key lessons learned from past incidents are Timely breach notification is critical to mitigate harm.,Third-party vendor risks must be proactively managed.,Encryption and data retention policies are essential for protecting sensitive data.,Delayed responses exacerbate financial and reputational damage.Proactive use of AI tools can enhance post-breach resident support and triage, especially for large-scale incidents with limited staff resources. Ensuring AI tools are isolated from sensitive systems and comply with privacy standards mitigates secondary risks.
Source: Q2 News (Helena, MT)
Date Accessed: 2023-10-23
Source: U.S. Securities and Exchange Commission (SEC) Filing by Conduent
Date Accessed: 2025-04
Source: Montana State Auditor and Commissioner of Securities and Insurance (James Brown) Statements
Date Accessed: 2025-10-23
Source: GLOBE NEWSWIRE Press Release
Date Accessed: 2025-10-23
Source: Lynch Carpenter LLP Investigation Page
Source: Daily Montanan
Source: Lewis and Clark County District Court (Class-Action Lawsuit Filing)
Source: Montana Commissioner of Securities and Insurance Investigation
Source: Experian Study (Medical Identity Theft Costs)
Source: 2007 General Accounting Office Report (Data Fraud Timelines)
Source: Montana Commissioner of Securities and Insurance
URL: https://csimt.gov
Source: NBC Montana
Source: Montana Commissioner of Securities and Insurance (csimt.gov)
URL: https://csimt.gov
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Q2 News (Helena, MT)Date Accessed: 2023-10-23, and Source: NewsweekUrl: https://www.newsweek.comDate Accessed: 2025-10-23, and Source: U.S. Securities and Exchange Commission (SEC) Filing by ConduentDate Accessed: 2025-04, and Source: Montana State Auditor and Commissioner of Securities and Insurance (James Brown) StatementsDate Accessed: 2025-10-23, and Source: GLOBE NEWSWIRE Press ReleaseDate Accessed: 2025-10-23, and Source: Lynch Carpenter LLP Investigation PageUrl: https://www.lynchcarpenter.com, and Source: Daily Montanan, and Source: Lewis and Clark County District Court (Class-Action Lawsuit Filing), and Source: Montana Commissioner of Securities and Insurance Investigation, and Source: Experian Study (Medical Identity Theft Costs), and Source: 2007 General Accounting Office Report (Data Fraud Timelines), and Source: Daily MontananUrl: https://dailymontan.com, and Source: Montana Commissioner of Securities and InsuranceUrl: https://csimt.gov, and Source: NBC Montana, and Source: Montana Commissioner of Securities and Insurance (csimt.gov)Url: https://csimt.gov.
Investigation Status: Ongoing (led by Montana State Auditor)
Investigation Status: ongoing (full-scale investigation by Montana State Auditor’s office)
Investigation Status: Ongoing (Lynch Carpenter, LLP investigating claims)
Investigation Status: ongoing (regulatory investigation + class-action lawsuit)
Investigation Status: ongoing (class-action lawsuit in progress)
Investigation Status: ongoing (responses from BCBSMT/Conduent under analysis; potential public hearing)
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public disclosure via Montana State Auditor and media, Public Statements By Montana State Auditor, Social Media Updates (X), Planned Customer Notifications, Public disclosure via press release (GLOBE NEWSWIRE) and data breach notifications sent to affected individuals, Limited (No Comment On Litigation), Website Notice, Delayed Customer Letters, Public Announcement, Ai Tool For Resident Guidance, Website Portal (Csimt.Gov), Urgent Questions To Bcbsmt/Conduent, Public Statements, Ai Assistant (Csimt.Gov) and Advisories To Monitor Explanation Of Benefits.
Stakeholder Advisories: Montana State Auditor’S Office, Bcbsmt (Planned But Not Confirmed).
Customer Advisories: credit monitoring offered (unconfirmed)public awareness campaign on identity theft
Customer Advisories: Data breach notifications sent to affected individuals; legal review form provided for potential compensation claims (https://www.lynchcarpenter.com)
Stakeholder Advisories: Montana Commissioner Of Securities And Insurance (James Brown), Plaintiff Attorneys (Raph Graybill, John Heenan, David Paoli).
Customer Advisories: Breach notice posted on company website (2025-10)Customer notification letters sent starting 2025-10-24
Stakeholder Advisories: Ai Tool For Resident Guidance, Website Updates With Breach Information.
Customer Advisories: Do not share personally identifying information with the AI tool.Use the AI tool to learn about credit freezes, identity theft monitoring, and insurance claims.Contact the Commissioner’s office for one-on-one assistance if needed.
Stakeholder Advisories: Urgent Questions Sent To Bcbsmt/Conduent, Public Awareness Campaign For Affected Residents, Ai Assistant Deployed For Consumer Inquiries.
Customer Advisories: Monitor Explanation of BenefitsReport suspicious activity immediatelyVisit csimt.gov for AI-assisted support
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Montana State Auditor’S Office, Bcbsmt (Planned But Not Confirmed), Credit Monitoring Offered (Unconfirmed), Public Awareness Campaign On Identity Theft, , Data breach notifications sent to affected individuals; legal review form provided for potential compensation claims (https://www.lynchcarpenter.com), Montana Commissioner Of Securities And Insurance (James Brown), Plaintiff Attorneys (Raph Graybill, John Heenan, David Paoli), Breach Notice Posted On Company Website (2025-10), Customer Notification Letters Sent Starting 2025-10-24, , Ai Tool For Resident Guidance, Website Updates With Breach Information, Do Not Share Personally Identifying Information With The Ai Tool., Use The Ai Tool To Learn About Credit Freezes, Identity Theft Monitoring, And Insurance Claims., Contact The Commissioner’S Office For One-On-One Assistance If Needed., , Urgent Questions Sent To Bcbsmt/Conduent, Public Awareness Campaign For Affected Residents, Ai Assistant Deployed For Consumer Inquiries, Monitor Explanation Of Benefits, Report Suspicious Activity Immediately, Visit Csimt.Gov For Ai-Assisted Support and .
High Value Targets: Client Files Containing Pii/Phi,
Data Sold on Dark Web: Client Files Containing Pii/Phi,
Entry Point: third-party vendor (Conduent)
High Value Targets: Pii, Health Records,
Data Sold on Dark Web: Pii, Health Records,
High Value Targets: Financial Information, Medical Records,
Data Sold on Dark Web: Financial Information, Medical Records,
Entry Point: third-party vendor (Conduent)
High Value Targets: Pii, Phi, Billing Data,
Data Sold on Dark Web: Pii, Phi, Billing Data,
Corrective Actions: New Cybersecurity Initiatives By Montana State Auditor’S Office, Statewide Public Awareness Campaign On Fraud Prevention,
Root Causes: Failure To Encrypt Sensitive Data., Inadequate Third-Party Vendor Security Oversight., Delayed Breach Detection/Response (October 2024–January 2025)., Lack Of Proactive Customer Notification (Violated Montana Law)., Poor Data Retention Practices (Retaining Data Longer Than Necessary).,
Corrective Actions: Mandatory Encryption For All Pii/Health Data., Third-Party Vendor Security Assessments., Immediate Breach Notification Protocols., Periodic Security Audits (Internal + Independent)., Staff Training On Data Handling., Prohibition Of Cloud Storage For Unencrypted Pii., 10-Year Third-Party Compliance Monitoring.,
Root Causes: Third-Party Vendor Vulnerability (Specifics Undisclosed),
Corrective Actions: Implementation Of Ai-Powered Resident Assistance Tool, Enhanced Communication Via Website Updates, Encrypted And Monitored Ai Interactions To Prevent Secondary Breaches,
Corrective Actions: Ai Tool Deployment For Consumer Support, Potential Legislative Updates For Ai/Cybersecurity Oversight,
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Cybersecurity Data Mining Experts (Conduent), , Legal Firms (Graybill Law, Heenan And Cook, Paoli Law), Potential Future Auditors, , Ai Tool Interactions Encrypted And Monitored, .
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: New Cybersecurity Initiatives By Montana State Auditor’S Office, Statewide Public Awareness Campaign On Fraud Prevention, , Mandatory Encryption For All Pii/Health Data., Third-Party Vendor Security Assessments., Immediate Breach Notification Protocols., Periodic Security Audits (Internal + Independent)., Staff Training On Data Handling., Prohibition Of Cloud Storage For Unencrypted Pii., 10-Year Third-Party Compliance Monitoring., , Implementation Of Ai-Powered Resident Assistance Tool, Enhanced Communication Via Website Updates, Encrypted And Monitored Ai Interactions To Prevent Secondary Breaches, , Ai Tool Deployment For Consumer Support, Potential Legislative Updates For Ai/Cybersecurity Oversight, .
Last Attacking Group: The attacking group in the last incident was an Unauthorized user.
Most Recent Incident Detected: The most recent incident detected was on 2025-01-13.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-10-01.
Most Recent Incident Resolved: The most recent incident resolved was on 2023-02-01.
Highest Financial Loss: The highest financial loss from an incident was {'estimated_cost_per_victim': '$20,000 (medical identity theft)', 'total_potential_cost': None, 'credit_monitoring_cost': '$200/year per class member (minimum 5 years)', 'out_of_pocket_costs': 'common for victims'}.
Most Significant Data Compromised: The most significant data compromised in an incident were Personal Information, Medical Information, , names, addresses, birth dates, phone numbers, billing data, medical data, other sensitive information, , telephone numbers, fax numbers, email addresses, medical record numbers, health plan beneficiary numbers, account numbers, medical/dental service details, billing information, names, addresses, dates of birth, service dates, , birth dates, Social Security numbers, health condition data, personally identifiable information (PII), , financial information, medical records, , names, addresses, birth dates, billing data, medical data, phone numbers, other sensitive information and .
Most Significant System Affected: The most significant system affected in an incident was Conduent’s environment (limited portion) and third-party vendor systems (Conduent)customer databases.
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was cybersecurity data mining experts (conduent), , legal firms (graybill law, heenan and cook, paoli law), potential future auditors, .
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was breach closed in February 2023.
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were names, dates of birth, birth dates, Personal Information, Medical Information, addresses, medical data, phone numbers, health condition data, medical/dental service details, service dates, fax numbers, email addresses, financial information, personally identifiable information (PII), other sensitive information, billing data, health plan beneficiary numbers, account numbers, Social Security numbers, medical record numbers, medical records, billing information and telephone numbers.
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.8M.
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was full-scale investigation by Montana State Auditor’s office, potential enforcement actions, , Potential class action lawsuit (Lynch Carpenter, LLP investigating claims), class-action lawsuit (7 counts), Montana Commissioner of Securities and Insurance investigation, , class-action lawsuit filed by residents, , investigation ongoing; potential enforcement authority.
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Delayed responses exacerbate financial and reputational damage., Proactive use of AI tools can enhance post-breach resident support and triage, especially for large-scale incidents with limited staff resources. Ensuring AI tools are isolated from sensitive systems and comply with privacy standards mitigates secondary risks.
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Strengthen regulatory accountability for data breaches, Provide comprehensive staff training on data security., Explore AI for regulatory efficiency (e.g., insurance product reviews), Offer free credit/identity theft monitoring to affected customers., Prohibit storing PII on unsecured cloud services., Establish clear breach notification protocols (comply with Montana’s ‘without reasonable delay’ law)., Provide clear, accessible guidance for affected individuals on steps like credit freezes and identity theft monitoring., Conduct regular security audits (internal + third-party)., Monitor for patterns in resident inquiries to identify unattended issues post-breach., Implement robust encryption for all sensitive data., Enhance third-party vendor cybersecurity oversight, Engage a third-party monitoring firm for 10+ years post-breach., Monitor Explanation of Benefits for suspicious activity, Implement AI-driven support tools for large-scale breach responses to improve real-time assistance., Ensure third-party vendors adhere to robust cybersecurity standards to prevent supply-chain breaches., Implement statewide public awareness campaigns for identity theft prevention, Update Montana laws to address AI and cybersecurity gaps (potential 2027 legislative action) and Enforce strict data retention/deletion policies..
Most Recent Source: The most recent source of information about an incident are U.S. Securities and Exchange Commission (SEC) Filing by Conduent, Q2 News (Helena, MT), Lynch Carpenter LLP Investigation Page, Montana Commissioner of Securities and Insurance Investigation, Montana Commissioner of Securities and Insurance, NBC Montana, GLOBE NEWSWIRE Press Release, Lewis and Clark County District Court (Class-Action Lawsuit Filing), Montana Commissioner of Securities and Insurance (csimt.gov), Newsweek, Daily Montanan, Montana State Auditor and Commissioner of Securities and Insurance (James Brown) Statements, 2007 General Accounting Office Report (Data Fraud Timelines) and Experian Study (Medical Identity Theft Costs).
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://www.newsweek.com, https://www.lynchcarpenter.com, https://dailymontan.com, https://csimt.gov, https://csimt.gov .
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (led by Montana State Auditor).
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Montana State Auditor’s office, BCBSMT (planned but not confirmed), Montana Commissioner of Securities and Insurance (James Brown), Plaintiff attorneys (Raph Graybill, John Heenan, David Paoli), AI tool for resident guidance, website updates with breach information, Urgent questions sent to BCBSMT/Conduent, Public awareness campaign for affected residents, AI assistant deployed for consumer inquiries, .
Most Recent Customer Advisory: The most recent customer advisory issued were an credit monitoring offered (unconfirmed)public awareness campaign on identity theft, Data breach notifications sent to affected individuals; legal review form provided for potential compensation claims (https://www.lynchcarpenter.com), Breach notice posted on company website (2025-10)Customer notification letters sent starting 2025-10-24, Do not share personally identifying information with the AI tool.Use the AI tool to learn about credit freezes, identity theft monitoring, and insurance claims.Contact the Commissioner’s office for one-on-one assistance if needed. and Monitor Explanation of BenefitsReport suspicious activity immediatelyVisit csimt.gov for AI-assisted support.
Most Recent Entry Point: The most recent entry point used by an initial access broker was an third-party vendor (Conduent).
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Failure to encrypt sensitive data.Inadequate third-party vendor security oversight.Delayed breach detection/response (October 2024–January 2025).Lack of proactive customer notification (violated Montana law).Poor data retention practices (retaining data longer than necessary)., third-party vendor vulnerability (specifics undisclosed).
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was New cybersecurity initiatives by Montana State Auditor’s officeStatewide public awareness campaign on fraud prevention, Mandatory encryption for all PII/health data.Third-party vendor security assessments.Immediate breach notification protocols.Periodic security audits (internal + independent).Staff training on data handling.Prohibition of cloud storage for unencrypted PII.10-year third-party compliance monitoring., Implementation of AI-powered resident assistance toolEnhanced communication via website updatesEncrypted and monitored AI interactions to prevent secondary breaches, AI tool deployment for consumer supportPotential legislative updates for AI/cybersecurity oversight.
.png)
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rapid