Sav-Rx Data Breach Exposes PII Including Social Security Numbers

Will Gendron

Editor in Chief

Published

May 28, 2024

Updated

August 15, 2024

Sav-Rx

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

On October 8, 2023, A&A Services d/b/a Sav-Rx experienced a significant disruption to their computer network, which was identified as a data breach. The company's IT systems were compromised, allowing an unauthorized third party to access and potentially acquire sensitive data, affecting 67,341 people in the state of Texas alone. The breach was detected promptly, and the IT systems were restored the following business day, ensuring that prescription services were not delayed. However, the forensic investigation revealed that the breach initially occurred around October 3, 2023, and the unauthorized access involved certain non-clinical systems containing health information.

Information Exposed

The data accessed during the incident included a range of personal information:

Name of individual
Address
Social Security Number Information
Health Insurance Information
Date of Birth

Sav-Rx's Response

Following the discovery of the data breach, Sav-Rx took immediate steps to secure their systems and mitigate any potential impact. The company engaged with third-party cybersecurity experts to contain the incident and ensure that any data acquired was destroyed and not further disseminated. Sav-Rx has also enhanced their security protocols, technology, and employee training to prevent future breaches. Law enforcement authorities were promptly notified, and the company has been cooperating with investigations.

Recommended Actions for Affected Individuals

If you believe your information may have been compromised in this breach, it is crucial to take the following steps:

Enroll in the complimentary credit monitoring and identity theft restoration services offered by Sav-Rx through Equifax. You can enroll by visiting Equifax’s activation page.
Regularly review your account statements and monitor your credit reports. You can obtain a free credit report from each of the three major credit reporting agencies once every 12 months at Annual Credit Report.
Consider placing a fraud alert or a security freeze on your credit files, which can help prevent identity thieves from opening new accounts in your name.
Report any suspicious or fraudulent activity to your financial institutions and the appropriate authorities, including the Federal Trade Commission at FTC Identity Theft or by calling 1-877-ID-THEFT (1-877-438-4338).

About A&A Services d/b/a Sav-Rx

Sav-Rx, managed by A&A Services, is a provider of managed care prescription services. The company aims to reduce healthcare costs through its prescription benefit programs, serving over 10 million members across the United States.

For further details about the data breach and the company’s response, please refer to the disclosures on the Texas Attorney General’s website and the California Attorney General’s website.