North Dakota Department of Health, Department of Human Services issue notification of data security incident


The following press release is from the North Dakota Department of Health and the North Dakota Department of Human Services:

The North Dakota Department of Human Services, North Dakota Department of Health and Cavalier County Health District (collectively “North Dakota”) is committed to maintaining the privacy and security of the information that it maintains. On October 27, 2020, North Dakota notified certain individuals about an email compromise incident that was the result of a phishing incident. The accessed accounts were limited to the Department of Health, the Department of Human Services, a local public health unit, and a few other state agencies. The incident did not impact State of North Dakota servers and/or systems and was limited to certain employee email accounts only. Upon learning of the situation, North Dakota secured the accounts and commenced a prompt and thorough investigation. As part of its investigation, it worked very closely with external cybersecurity professionals. 

After an extensive forensic investigation and manual document review, North Dakota discovered on August 27, 2020 that the email accounts that were accessed between November 23 and December 23, 2019 contained personal and protected health information, including names, dates of birth, address, medical diagnosis and treatment information, driver’s license number, and mother’s maiden name. Some individuals’ financial account numbers and/or Social Security numbers were also in the impacted accounts. This incident does not affect all patients of North Dakota and not all information was included for all individuals.

North Dakota has no evidence that the purpose of the phishing campaign was to obtain patient information, and does not have any evidence that any of the information has been acquired or misused. Notified individuals have been provided with best practices to protect their information and have been reminded to remain vigilant in reviewing financial account statements on a regular basis for any fraudulent activity. It is also recommended that affected individuals review the explanation of benefits statements that they receive from their health insurance providers and follow up on any items not recognized. Individuals whose Social Security numbers were contained in the impacted accounts have been provided with information about enrolling in a complimentary credit monitoring product. Finally, North Dakota has taken steps to improve internal procedures to identify and remediate future threats in order to minimize the risk of a similar incident in the future.

For further questions or additional information regarding this incident, or to determine if you may be impacted by this incident and are eligible for credit monitoring, a dedicated toll-free response line has been set up at 1-855-914-4648.  The response line is available Monday through Friday, 8:00 a.m. to 8:00 p.m. Central Time.