Parker-Hannifin discloses breach affecting employee health plan data
On March 14, Parker-Hannifin discovered unauthorized access to to their IT systems that began three days earlier. Their investigation determined some files on Parker’s IT systems had been accessed and possibly acquired by the attacker.
The information involved related to current and former employees, their dependents, and members of Parker’s Group Health Plans (including health plans sponsored by an entity acquired by Parker), and included the following types of information:
names in combination with one or more of the following: Social Security numbers, dates of birth, addresses, driver’s license numbers, U.S. passport numbers, financial account information (bank account and routing numbers), online account usernames / passwords, enrollment information, including health insurance plan member ID numbers, and dates of coverage. For a very small number of these individuals, the files also included dates of coverage, dates of service, provider names, claims information, and medical and clinical treatment information.
The Ohio-headquartered firm issued a press release on May 13 and uploaded a statement on its website. Those affected are being offered two years of enrollment in Experian’s IdentityWorks.