On October 24, 2018, the Missouri Department of Health and Senior Services (“Department”) mailed over 10,400 letters to individuals informing them that the Department recently discovered a breach of security of their personal information.  The breach occurred because, sometime before September 30, 2016, an information technology contractor for the State of Missouri, who had worked on a Department information system, improperly retained the information. The past contractor then allowed the information to be stored in an electronic file that was not password-protected. 

The type of personal information found in the electronic file includes names, dates of birth, identification numbers issued by some State agencies and a very limited number of social security numbers.  The types and amount of personal information retained by the contractor varied by person.  Each person did not necessarily have all types of personal information listed previously retained by the contractor.

When the State of Missouri learned of this situation on August 30, 2018, it took immediate steps to secure the information. Since that time, the Department has been diligently analyzing the data contained in the electronic file to determine the scope of the breach and to determine contact information for affected individuals. 

At the present time, the Department has no reason to believe that the information was actually viewed or used by anyone intending harm.  The Department has referred this matter to the appropriate legal authority to investigate and determine appropriate legal action. 

The Department is recommending that individuals remain vigilant by reviewing account statements and monitoring free credit reports for unusual activity. Contact information for consumer credit reporting agencies is below.  You may wish to contact these agencies to place a free fraud alert on your credit or to request a free credit freeze.  Additional information about obtaining credit reports may be obtained from the Federal Trade Commission by visiting https://www.consumer.ftc.gov.

Equifax: 1-800-525-6285; www.equifax.com; https://www.freeze.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241. Experian: 1-888-397-3742; www.experian.com; https://www.experian.com/freeze/center.html; P.O. Box 9532, Allen, TX 75013. TransUnion: 1-800-680-7289; www.transunion.com; https://freeze.transunion.com;  Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790.            

Regarding this matter, Department Director Dr. Randall Williams, said:  “We have concerns that prior to September 30, 2016, a past contracted vendor may have acted illegally by retaining some names, dates of birth, identification numbers issued by some State agencies and a very limited number of social security numbers.  The State learned of this incident on the Thursday before Labor Day.  We immediately worked with other State agencies over the Labor Day holiday to prevent any dissemination of this data now or in the future.  Present leadership takes very seriously our requirement to protect information, and we have referred our findings to the appropriate law enforcement authority.” 

Individuals who received a letter from the Department and have additional questions may call the Missouri Department of Health and Senior Services at 1-888-252-8045, Monday through Friday, 8 a.m. to 5 p.m.

About the Missouri Department of Health and Senior Services: The department seeks to be the leader in protecting health and keeping people safe. More information about DHSS can be found athealth.mo.gov or find us on Facebook and Twitter @HealthyLivingMo.

###