Hawaii Medical Service Administration (HMSA) members’ data may have been compromised following a cyber attack on their health management service vendor, Navvis. In early September 2023, Navvis announced a data privacy event that led to the compromise of personal and protected health information for both former and current HMSA employees.
Upon discovering the incident, Navvis initiated an immediate investigation to determine the extent of the breach and involved authorities. A forensics review of all systems was conducted to confirm the stored information and its owners.
Navvis is taking steps to enhance its data privacy policies and procedures to minimize the likelihood of similar events in the future. As the affected individuals are identified, Navvis is sending notification letters and providing resources to safeguard their information. Free credit monitoring services are also being offered to those impacted.
HMSA emphasizes the importance of protecting its members’ confidential information and is actively working to understand the full extent of the incident to ensure the security of member information.
Individuals who may have been affected by the data breach are encouraged to be vigilant for potential identity theft or fraud incidents, review account statements, and check credit reports for any suspicious activity. Navvis has provided a dedicated hotline for those affected to inquire further and seek assistance.
For further information or assistance, individuals affected by the data breach can call (888) 996-4022 between 4 a.m. and 5 p.m. Hawaii time, Monday through Friday. The ongoing situation is being closely monitored to address any developments related to the incident.