NationsBenefits Holdings, LLC Discloses Security Breach Impacting New Hampshire Residents and Involving Third-Party Vendor, Fortra

Over 7,000 residents affected by the breach; the company offers complimentary identity protection services

NationsBenefits Holdings, LLC, a leading provider of supplemental benefits and member engagement solutions, announced that it was the victim of a security breach that impacted New Hampshire residents. The breach, which occurred on January 30, 2023, was due to a zero-day security vulnerability in Fortra’s GoAnywhere managed file transfer software. In addition to NationsBenefits, Brightline and Rubrik were also victims of the same security incident involving Fortra, the third-party vendor.

NationsBenefits discovered the incident on February 7, 2023, and immediately contacted Fortra to assist in the investigation. The attack was limited to two managed file transfer servers, with no evidence of the threat actors accessing other applications or systems within NationsBenefits.

The affected data included various elements of health plan members’ information, with the number of impacted New Hampshire residents varying by the plan:

  • Aetna ACE: Approximately 7,001 residents
  • Elevance Health Flexible: Approximately 6 residents
  • UAW Retiree Medical Benefits Trust: Approximately 123 residents

Upon discovering the security incident, NationsBenefits took immediate action to secure its GoAnywhere server by taking it offline and launching an investigation. They have been working with the FBI and a leading cybersecurity firm, McDermott Will & Emery LLP. NationsBenefits has confirmed that the threat actor(s) did not access any applications or systems beyond the Fortra GoAnywhere environment.

NationsBenefits has since taken its GoAnywhere server permanently offline and implemented a new file transfer solution that does not rely on Fortra software. The company is providing complimentary 24-month membership to Experian’s Identity Works for affected members with sensitive data impacted, or where otherwise deemed reasonable and appropriate by NationsBenefits’ clients.

In addition to notifying impacted plan members, NationsBenefits is also providing required notices to the HHS Office for Civil Rights, prominent media outlets, consumer reporting agencies, and certain state agencies.

NationsBenefits regrets the incident and any concern it may cause to affected individuals. For additional questions or support, they have established a dedicated, toll-free call center at 833-420-2834, open Monday through Friday between 9:00 am and 11:00 pm, and Saturday and Sunday between 11:00 am and 8:00 pm Eastern Time, excluding major US holidays.