Arizona AHCCCS reports of Medicaid members data breach

The Arizona Health Care Cost Containment System (AHCCCS), the state's Medicaid agency, reported a data breach that compromised the personal information of more than 2,600 recipients of Arizona's Medicaid program.

AHCCCS confirmed that on May 11, 2023, personal information belonging to 2,632 Arizona Medicaid members was compromised via an exploited a vulnerability in the Health-e-Arizona Plus (HEAplus) website, allowing unauthorized individuals to access sensitive details, including

• first and last names,
• addresses,
• last four digits of their Social Security numbers.

As soon as the error was discovered, the HEAplus system toolbar was deactivated to prevent further unauthorized access.

The AHCCCS reassured the public that steps have been taken to prevent a recurrence of such breaches in the future. The agency announced that starting from July 3, they will begin notifying the individuals affected by the breach.

If you receive a notification informing you that your personal information was compromised in the breach, the AHCCCS advises taking immediate action. You can contact any of the three major credit reporting agencies (Equifax, Experian, and TransUnion) to report a fraud alert. This alert notifies the agencies that any requests for credit in your name may be fraudulent. Additionally, you can request a security freeze, which prevents agencies from releasing your information without your explicit permission. To initiate a security freeze, you will need to send certified mail to all three credit reporting agencies.

As a consumer, you have the right to obtain one free credit report from each of the three agencies annually.