The Delaware Department of Insurance recently received notice of a data security breach suffered by Dominion National, an insurer and administrator of dental and vision benefits, that impacted 95,000 Delaware residents.

On April 24, 2019, through its investigation of an internal alert, Dominion National discovered that servers containing enrollment data, demographic details and personal information of consumers, plan producers and healthcare providers may have been accessed by an unauthorized party.

The investigation determined that the unauthorized access may have occurred as early as August 25, 2010. Dominion National advised the Department of Insurance that it responded immediately by cleaning the affected servers and initiating a comprehensive review of data stored on or potentially accessible from the servers.

“Upon receiving notice of this breach, I asked that our market conduct division begin an investigation to learn all of the facts behind this incident,” Delaware Insurance Commissioner Trinidad Navarro stated in a press release issued by the Delaware Department of Insurance. “The Department of Insurance will determine if appropriate safeguards were in place and if private consumer information was handled properly.”

On June 17, 2019, the comprehensive review determined that the potentially compromised information might include the following data: names, addresses, dates of birth, email addresses, Social Security numbers, taxpayer identification number, bank account and routing numbers, member ID numbers, group numbers and subscriber names of what amounts to 10% of Delaware’s population.

This number reflects those who are current or former members of Dominion National or of insurance plans administered through Dominion National. Some affected by the data breach may not have had a plan through Dominion National, but had a plan for which Dominion National was the third-party administrator.

According to Dominion National, there is “no evidence that any information was in fact accessed, acquired, or misused.”

The company has implemented enhanced monitoring and alerting software and is providing two years of free credit monitoring and fraud protection services for all individuals potentially impacted by the incident.

Source: Delaware Department of Insurance