SEIU 775 Benefits Group Data Breach Affects 140,000 People

A cyberattack on Service Employees International Union 775 (SEIU 775) Benefits Group, which is a benefits manager for home healthcare and nursing home employees, resulted in the removal of sensitive information.

IT employees discovered issues inside SEIU 775’s data systems on or approximately April 4, 2021, which involved the removal of certain information. Third-party cybersecurity specialists and forensic professionals led the investigation into the malicious activity.

According to the investigators, its systems were hacked and the information of unidentified people was deleted, which include personally identifiable information (PII) and protected health information (PHI). Although data was deleted, there is no proof found that suggests the attackers viewed or obtained any PII or PHI and there are no reported incidents of data misuse.

Breached data possibly included names, addresses, and demographic information as well as Social Security numbers and possibly health plan eligibility data. When the malicious activity was discovered, SEIU 775 immediately took steps to block continuing unauthorized access and to control the breach. System security review by third-party cybersecurity specialists is ongoing and SEIU 775 is working directly with its experts to even more reinforce its cybersecurity protection.

SEIU 775 reported the breach to the HHS’ Office for Civil Rights indicating that the attack affected up to 140,000 persons. Victims of the breach were provided free 12-month credit monitoring and identity theft protection/restoration services via Kroll.

This isn’t the only breach that was reported by a benefits administrator in the last few weeks. In May, the 20/20 Hearing Care Network, a vision and hearing benefits administrator in Florida, suffered a case of data deletion. In that occurrence, the breach impacted up to 3.3 million people. The attacker acquired access to its systems and deleted information saved in an unsecured cloud storage bucket by Amazon Web Services. The attacker also downloaded data from the S3 bucket before deletion.

About Christine Garcia 1304 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at