Third Personal Data Breach Hits UHIP Customers

Apr 14, 2017

Credit Kristin Gourlay / RIPR

State officials say they’ve encountered another personal data breach in the new online system for state benefits like Medicaid – a system called UHIP. Officials say a file containing embedded personal information was posted to the State's Transparency Portal and the General Assembly website. The information has since been removed. 

Officials say they’re working with the technology vendor, Deloitte Consulting, to determine the cause of the breach. They estimate the number of impacted recipients is about 5,600. Officials are not aware of any misuse of personal information so far but they’re offering a year of free credit monitoring services to customers.

This is the third known data breach in the system’s history. Last fall, people who accessed their online accounts from a shared computer may have had some of their personal information exposed. In late February, personal information may have been disclosed in some 1095B tax forms, officials said.

UHIP has been plagued by problems since its rollout, including delays in approving benefits for thousands of Rhode Islanders. In February, the RI ACLU settled with the state over delays in receiving food stamp benefits.