DAYTON, Ohio — On Monday, Travis Ransom got three letters in the mail at his Zanesville home. Each one was from his medical insurance company, CareSource. There was one for him and two more for his children.
"My kids are screwed. Because of someone being careless about their database in their system. That's what really breaks my heart the most is my children could suffer from this tremendously,” he said.
The letter from CareSource informed them they had all been victims of a cyberattack. Their social security numbers, member IDs, and health history -- now in the hands of criminals.
Two of the letters he received Monday were dated Sept. 15. One was dated Sept. 18th. The hack happened through a vendor that CareSource uses and it occurred on May 31st.
"It's hit the internet. You can't stop it now,” Ransom said about his personal information.
On Sept. 22nd, a federal class action lawsuit was filed claiming more than three million people were affected by the breach.
The complaint accuses the Clop Crime Group for the attack which targets MOVEit file transfer software, the vendor CareSource used.
The lawsuit accuses CareSource of violating health privacy laws by failing to protect personal health information. It also says CareSource failed to follow industry standards for cybersecurity.
CareSource has not filed a response in court.
“Now that they have that information, it can be used anywhere,” Ransom said.
Travis said he is taking all necessary steps possible by freezing his credit, filing an FTC report, and requesting copies of his medical records. But he said the damage is already done.
“It really sucks because I shouldn't have to, because CareSource did a good job in the first place,” Ransom said.
A CareSource spokesperson provided the following statement in an e-mail to 10TV:
“CloP, a Russia-based ransomware gang, recently victimized more than 65 million people and 2,000+ organizations, including CareSource, who use the MOVEit software program. CareSource quickly took steps to support its members impacted by this global security event by retaining a leading cybersecurity firm, providing complimentary credit and identity monitoring, fraud consultation and identity theft restoration services, and training teams to help members access these free services to protect and monitor their data.”