MOVEit Global Data Security Incident

MOVEit Global Data Security Incident

Yesterday, UMass Chan Medical School (“UMass Chan”), began notifying certain individuals currently or previously enrolled in certain state programs, including MassHealth, that their personal information may have been involved in a recent third-party data security incident. 

Those primarily impacted are State Supplement Program (SSP) participants (including recipients, other members of the household and authorized representatives), MassHealth Premium Assistance members, MassHealth Community Case Management participants, and Executive Office of Elder Affairs (EOEA) and Aging Services Access Points (ASAP) home care program consumers. Anyone who does not participate in one of those programs is unlikely to have had their data exposed. 

A copy of the press release can be found here. If members are impacted, they will receive a letter in the mail. 

This incident was part of a worldwide data security incident involving a file-transfer software program called MOVEit, which has impacted state and federal government agencies, financial services firms, pension funds, and many other types of companies and not-for-profit organizations. No UMass Chan or state systems were compromised in this incident. Impacted individuals will be sent a notice by mail and will be contacted by phone, text, and e-mail where possible.

Any individual who receives a notice is encouraged to take steps to protect their information. UMass Chan is offering free credit monitoring and identity theft protection services to individuals whose Social Security numbers, driver’s license numbers, and/or financial information were involved in this incident.

For more information, please visit mass.gov/MOVEitIncident or umassmed.edu. Individuals who receive notification that their data is involved and have further questions may call 855-862-7769, Monday through Friday, from 9:00 a.m. to 5:00 p.m., ET.