The Hawaii Medical Service Association (HMSA), an independent licensee of the Blue Cross and Blue Shield Association, is a reliable name in Hawaii health care. Established in 1938, we are the largest and most experienced provider of health care coverage in the state. Over half of Hawaii’s population have chosen HMSA for their health care coverage. We are dedicated to providing quality, affordable health plans; employee benefit services; and worksite wellness programs. HMSA also offers a variety of programs, services and support to help improve the health and well-being of our members and community.

HMSA A.I CyberSecurity Scoring

Company Details

LinkedIn ID: hmsa
Number of employees: 1,448
Number of followers: 10,155
NAICS: 524
Industry Type: Insurance
Homepage: hmsa.com
IP Addresses: 0
Company ID: HMS_9313774
Scan Status: In-progress

HMSA Risk Score (AI oriented)

Between 700 and 749

  • Powered by our proprietary A.I cyber incident model
  • Insurance prefers TPRM score to calculate premium

HMSA Global Score (TPRM)

XXXX

  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

HMSA Company CyberSecurity News & History

Past Incidents: 2
Attack Types: 1

HMSA: Health Management Systems of America Data Breach Investigation
Breach
Severity: 85
Impact: 4
Seen: 12/2024
Supply Chain Source: NA
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: HMSA Data Breach Exposes Sensitive Health and Personal Information. Hawaii Medical Service Association (HMSA) disclosed a data breach on December 9, 2024, after detecting unauthorized access to a single employee email account due to a spear phishing attack. The incident prompted an internal investigation, which confirmed that an unauthorized third party may have accessed and acquired sensitive personally identifiable information (PII) and protected health information (PHI) contained in the compromised emails. While HMSA has not publicly detailed the specific types of data exposed as of December 16, 2025, the breach notice indicates that affected individuals will receive a list of the impacted information. The organization has posted a breach notification on its website, though the full scope of the incident, including the number of individuals affected, remains unclear. The breach highlights ongoing risks posed by targeted phishing campaigns in the healthcare sector.

HMSA
Breach
Severity: 100
Impact: 5
Seen: 6/2016
Supply Chain Source: NA
Rankiteo Explanation
Attack threatening the organization's existence

Description: Hawai‘i Medical Service Association suffered a data breach incident in 2016 which exposed the personal information of 10,800 members. The privacy breach was caused by an error made in the mailing of care management letters to members. The emails that were sent to incorrect individuals included information about members' specific health conditions, Social Security numbers, or other sensitive personal information. HMSA immediately responded to the incident, asked the receiving party to delete the emails, and notified the impacted persons of the breach.

Underwriter Stats for HMSA

Incidents vs Insurance Industry Average (This Year)

No incidents recorded for HMSA in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for HMSA in 2026.

Incident Types HMSA vs Insurance Industry Avg (This Year)

No incidents recorded for HMSA in 2026.

[Chart: Incident History — HMSA (X = Date, Y = Severity). HMSA cyber incidents detection timeline including parent company and subsidiaries.]

HMSA Similar Companies

Canada Life

At Canada Life, we’re focused on improving the financial, physical and mental well-being of Canadians. Whether handling policy claims, help growing and protecting clients’ retirement and investment savings, providing workplace mental health support for all employers or helping build stronger communi

China Life Insurance Co.Ltd

China Life Insurance (Group) Company, headquartered in Beijing, is a large state-owned financial and insurance company. Its predecessor, PICC, was founded in 1949 and the PICC (Life) Co., Ltd was set up in 1996 after its separation from the former PICC. In 1999, it was renamed China Life Insurance Comp

HDFC ERGO General Insurance

HDFC ERGO General Insurance Company Limited was promoted by erstwhile Housing Development Finance Corporation Ltd. (HDFC), India’s premier Housing Finance Institution and ERGO International AG, the primary insurance entity of Munich Re Group. Consequent to the implementation of the Scheme of Amalgam

Chubb

Chubb is a world leader in insurance. With operations in 54 countries and territories, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. As an underwriting company

Farmers Insurance

The companies comprising the Farmers Insurance Group of Companies® currently make up one of the country's largest insurers of vehicles, homes and small businesses, and provide a wide range of other specialty insurance and financial services products. In business since 1928, today at Farmers® we pr

USI Insurance Services

USI is one of the largest insurance brokerage and consulting firms in the world, delivering property and casualty, employee benefits, personal risk, program and retirement solutions to large risk management clients, middle market companies, smaller firms and individuals. Headquartered in Valhalla, N

Lockton

What makes Lockton stand apart is also what makes us better: independence. Our private ownership empowers our 13,100+ Associates doing business in over 140+ countries to focus solely on clients' risk and insurance needs. With expertise that reaches around the globe, we deliver the deep understanding

Travelers

Travelers provides insurance coverage to protect the things that are important to you – your home, your car, your valuables and your business. We have been around for more than 170 years and have earned a reputation as one of the best property casualty insurers in the industry because we take care o

Progressive Insurance

Every journey has a beginning, and wherever you are on your career path, we want to help you along the way. At Progressive, we exist to help people move forward and live fully. We strive to create a welcoming and flexible work environment for everyone, where employees are encouraged to risk, learn,

HMSA CyberSecurity News

December 10, 2025 08:00 AM
HMSA Data Breach Lawsuit Investigation

If you were affected by the Health Management Systems of America data breach, you may be entitled to compensation.

October 23, 2024 07:00 AM
Merger of two local credit unions will expand member benefits

HMSA Employees' Federal Credit Union has merged with Hawaii State Federal Credit Union after a final vote was completed by HMSA EFCU members...

May 16, 2024 07:00 AM
Healthcare Champions 2024

The Queen's Health System | HMSA.

March 12, 2024 07:00 AM
HMSA says recent cyberattack is affecting health care services locally, nationally

Two of Hawaii's health care coverage providers – Hawaii Medical Service Association and AlohaCare – shared more about their experience since...

February 03, 2016 08:00 AM
Hawai‘i Medical Service Association Privacy Breach Affects 10,800

Independent Blue Cross Blue Shield licensee Hawai'i Medical Service Association (HMSA) has started sending breach notification letters to...

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

HMSA CyberSecurity History Information

Official Website of HMSA

The official website of HMSA is http://www.hmsa.com.

HMSA’s AI-Generated Cybersecurity Score

According to Rankiteo, HMSA’s AI-generated cybersecurity score is 700, reflecting their Moderate security posture.

How many security badges does HMSA have ?

According to Rankiteo, HMSA currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has HMSA been affected by any supply chain cyber incidents ?

According to Rankiteo, HMSA has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does HMSA have SOC 2 Type 1 certification ?

According to Rankiteo, HMSA is not certified under SOC 2 Type 1.

Does HMSA have SOC 2 Type 2 certification ?

According to Rankiteo, HMSA does not hold a SOC 2 Type 2 certification.

Does HMSA comply with GDPR ?

According to Rankiteo, HMSA is not listed as GDPR compliant.

Does HMSA have PCI DSS certification ?

According to Rankiteo, HMSA does not currently maintain PCI DSS compliance.

Does HMSA comply with HIPAA ?

According to Rankiteo, HMSA is not compliant with HIPAA regulations.

Does HMSA have ISO 27001 certification ?

According to Rankiteo, HMSA is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of HMSA

HMSA operates primarily in the Insurance industry.

Number of Employees at HMSA

HMSA employs approximately 1,448 people worldwide.

Subsidiaries Owned by HMSA

HMSA presently has no subsidiaries across any sectors.

HMSA’s LinkedIn Followers

HMSA’s official LinkedIn profile has approximately 10,155 followers.

NAICS Classification of HMSA

HMSA is classified under the NAICS code 524, which corresponds to Insurance Carriers and Related Activities.

HMSA’s Presence on Crunchbase

No, HMSA does not have a profile on Crunchbase.

HMSA’s Presence on LinkedIn

Yes, HMSA maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/hmsa.

Cybersecurity Incidents Involving HMSA

As of January 25, 2026, Rankiteo reports that HMSA has experienced 2 cybersecurity incidents.

Number of Peer and Competitor Companies

HMSA has an estimated 15,153 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at HMSA ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

How does HMSA detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through containment measures (asked the receiving party to delete the emails), remediation measures (notified the impacted persons of the breach), an activated incident response plan (yes), and a communication strategy (website breach notice).

Incident Details

Can you provide details on each incident ?

Incident : Data Breach

Title: HMSA Data Breach Incident

Description: Hawai‘i Medical Service Association suffered a data breach incident in 2016 which exposed the personal information of 10,800 members. The privacy breach was caused by an error made in the mailing of care management letters to members. The emails that were sent to incorrect individuals included information about members' specific health conditions, Social Security numbers, or other sensitive personal information. HMSA immediately responded to the incident, asked the receiving party to delete the emails, and notified the impacted persons of the breach.

Type: Data Breach

Attack Vector: Email

Vulnerability Exploited: Incorrect mailing of care management letters

Incident : Data Breach

Title: HMSA Data Breach Due to Spear Phishing

Description: HMSA experienced a data breach where sensitive personal identifiable information and protected health information may have been compromised due to unauthorized access to a single email account via a spear phishing campaign.

Date Detected: 2024-12-09

Date Publicly Disclosed: 2025-12-16

Type: Data Breach

Attack Vector: Spear Phishing

Vulnerability Exploited: Email Account Compromise

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Breach.

How does the company identify the attack vectors used in incidents ?

Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email Account.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach HMS11617522

Data Compromised: Specific health conditions, Social security numbers, Other sensitive personal information

Incident : Data Breach HMS1765907786

Data Compromised: Sensitive personal identifiable information and protected health information

Systems Affected: Single email account

Identity Theft Risk: High

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Specific Health Conditions, Social Security Numbers, Other Sensitive Personal Information, Personal Identifiable Information and Protected Health Information.

Which entities were affected by each incident ?

Incident : Data Breach HMS11617522

Entity Name: Hawai‘i Medical Service Association

Entity Type: Healthcare

Industry: Healthcare

Location: Hawaii

Customers Affected: 10800

Incident : Data Breach HMS1765907786

Entity Name: HMSA

Entity Type: Healthcare

Industry: Health Insurance

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Breach HMS11617522

Containment Measures: Asked the receiving party to delete the emails

Remediation Measures: Notified the impacted persons of the breach

Incident : Data Breach HMS1765907786

Incident Response Plan Activated: Yes

Communication Strategy: Website breach notice

What is the company's incident response plan?

Incident Response Plan: The company's incident response plan is described as Yes.

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach HMS11617522

Type of Data Compromised: Specific health conditions, Social security numbers, Other sensitive personal information

Number of Records Exposed: 10800

Sensitivity of Data: High

Incident : Data Breach HMS1765907786

Type of Data Compromised: Personal identifiable information, Protected health information

Sensitivity of Data: High

Data Exfiltration: Possible

Personally Identifiable Information: Yes

What measures does the company take to prevent data exfiltration ?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Notified the impacted persons of the breach.

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) by asking the receiving party to delete the emails.

References

Where can I find more information about each incident ?

Incident : Data Breach HMS1765907786

Source: HMSA Breach Notice

Date Accessed: 2025-12-16

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at the following source: HMSA Breach Notice (Date Accessed: 2025-12-16).

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Data Breach HMS1765907786

Investigation Status: Ongoing

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Website breach notice.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Data Breach HMS1765907786

Customer Advisories: List of specific types of sensitive information impacted to be provided to affected individuals

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: List of specific types of sensitive information impacted to be provided to affected individuals.

Initial Access Broker

How did the initial access broker gain entry for each incident ?

Incident : Data Breach HMS1765907786

Entry Point: Email Account

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Data Breach HMS11617522

Root Causes: Incorrect mailing of care management letters

Incident : Data Breach HMS1765907786

Root Causes: Spear phishing attack leading to unauthorized access to an email account

Additional Questions

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2024-12-09.

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-12-16.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were Specific health conditions, Social Security numbers, Other sensitive personal information, and Sensitive personal identifiable information and protected health information.

Response to the Incidents

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measure taken in the most recent incident was: Asked the receiving party to delete the emails.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Sensitive personal identifiable information and protected health information, Social Security numbers, Specific health conditions and Other sensitive personal information.

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 108.0.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent source of information about an incident is HMSA Breach Notice.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.

Stakeholder and Customer Advisories

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisory issued was: List of specific types of sensitive information impacted to be provided to affected individuals.

Initial Access Broker

What was the most recent entry point used by an initial access broker ?

Most Recent Entry Point: The most recent entry point used by an initial access broker was an Email Account.

Post-Incident Analysis

What was the most significant root cause identified in post-incident analysis ?

Most Significant Root Cause: The most significant root causes identified in post-incident analysis were Incorrect mailing of care management letters and Spear phishing attack leading to unauthorized access to an email account.

Latest Global CVEs (Not Company-Specific)

Description

The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the processBackgroundAction() function in all versions up to, and including, 10.0.04. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify global map engine settings.

Risk Information

CVSS v3 Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Description

The Save as PDF Plugin by PDFCrowd plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘options’ parameter in all versions up to, and including, 4.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. NOTE: Successful exploitation of this vulnerability requires that the PDFCrowd API key is blank (also known as "demo mode", which is the default configuration when the plugin is installed) or known.

Risk Information

CVSS v3 Base: 6.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the action_import_module() function in all versions up to, and including, 7.8.9.2. This makes it possible for authenticated attackers, with a lower-privileged role (e.g., Subscriber-level access and above), to upload arbitrary files on the affected site's server which may make remote code execution possible. Successful exploitation requires an admin to grant Hustle module permissions (or module edit access) to the low-privileged user so they can access the Hustle admin page and obtain the required nonce.

Risk Information

CVSS v3 Base: 7.5
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdk_public_action AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user roles.

Risk Information

CVSS v3 Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

The Meta-box GalleryMeta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

Risk Information

CVSS v3 Base: 4.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=hmsa' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

  • Incident
  • Finding
  • Grade
  • Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
