Regional Care, Inc. Data Breach Affects 225,728 People Exposing PII

Regional Care, Inc. (RCI), a third-party administrator specializing in managing healthcare costs and benefits, recently experienced a significant data breach. The company discovered the breach on November 8, 2024, and determined that unauthorized access to their systems occurred on two separate dates: September 13, 2024, and September 18, 2024.

This breach has affected a total of 225,728 individuals across the United States, with specific impacts reported in several states. In Texas, 23,215 individuals were affected, while Maine reported 145 affected individuals. Massachusetts experienced 1,139 cases of exposure.

The types of sensitive consumer information exposed during the breach include:

• Full names
• Dates of birth
• Social Security numbers
• Medical records
• Health insurance information

The breach involved highly sensitive personal and medical data, which could potentially lead to identity theft and fraud. Regional Care, Inc. disclosed the breach to the attorney general offices of several states, including California on December 19, 2024, Maine on December 19, 2024, Massachusetts on December 16, 2024, and Texas on December 17, 2024.

The company notified affected consumers via written notices sent through U.S. mail on December 16, 2024.

Regional Care's response

Following the discovery of the breach, Regional Care, Inc. took steps to investigate the incident and notify the appropriate authorities. The company disclosed the breach to state attorney general offices and informed affected individuals directly.

While details about specific mitigation efforts or enhanced security measures were not provided, the company’s notification to consumers suggests they are aware of the potential risks posed by the breach.

Steps to take if you are affected by the data breach

If you believe you may have been affected by the Regional Care, Inc. data breach, it is crucial to take immediate action to protect your personal and financial information. Here are some steps you should consider:

1. Monitor your accounts: Regularly review your bank, credit card, and health insurance statements for any unauthorized activity. Report any suspicious transactions immediately.
2. Place a fraud alert: Contact one of the three major credit bureaus (Equifax, Experian, or TransUnion) to place a fraud alert on your credit file. This will make it harder for thieves to open accounts in your name.
3. Freeze your credit: Consider placing a credit freeze with all three credit bureaus. This prevents creditors from accessing your credit report without your consent.
4. Obtain your free credit report: Visit AnnualCreditReport.com to access your free credit report and check for any unfamiliar accounts or activity.
5. Enroll in identity theft protection services: If Regional Care, Inc. offers free identity theft protection or credit monitoring services, take advantage of them. These services can help detect and address potential misuse of your information.
6. Be cautious of phishing scams: Be wary of unsolicited emails, calls, or messages requesting personal information. Scammers may attempt to exploit the breach by impersonating legitimate organizations.
7. Review your medical records: Check for any discrepancies in your medical records or health insurance claims. Report any inaccuracies to your healthcare provider or insurer.
8. File a complaint if necessary: If you suspect your information has been misused, file a complaint with the Federal Trade Commission (FTC).