Notice to Health Plan Participants
REEF Global Inc. (“REEF”) is committed to protecting the confidentiality and security of the information we hold. REEF recently identified and addressed an incident that may have involved some of that information. This notice explains the incident, outlines the measures we have taken in response, and provides additional steps you can take.
We recently identified unusual network activity that caused certain systems in our network to become unavailable. We immediately began an investigation, a cybersecurity firm was engaged, and measures were taken to address the incident and to restore the systems. We also notified law enforcement and worked to support its investigation. Through the investigation, we learned that there was unauthorized activity in our network beginning sometime after September 30, 2020 through October 15, 2020. During that time, there was unauthorized access to files on REEF file servers. We conducted a careful review of the files involved, and on November 2, 2020, we determined that the files contained information regarding REEF’s health insurance plan, which may have included some enrollees’ names, dates of birth, Social Security numbers, health insurance benefits election information, and premium amounts.
This incident did not involve all current/former REEF employees or their dependents, but only those whose information was included in the files at issue.
As a precaution, we are mailing letters to individuals whose information was identified in the files. We have also established a dedicated, toll-free call center to answer individuals’ questions. As a precaution for those whose Social Security numbers were included in the files, we are offering complimentary credit monitoring and identity protection services. It is always advisable to monitor for the possibility of fraud and identity theft by reviewing your credit report and credit card, bank, and other financial statements for any unauthorized activity. We also recommend that the individuals involved review any statements they receive from their health insurers. If members see charges for services they did not receive, they should contact the insurer immediately.
We regret that this incident occurred and for any inconvenience. We remain committed to protecting the confidentiality and security of our employees’ information. To help prevent something like this from happening again, we are taking steps to enhance our existing security measures and processes, including implementing enhanced network monitoring tools. If you have questions, please call 1-800-830-6240, Monday through Friday, from 8:00 a.m. and 5:00 p.m. Eastern Time.