CDPHP Cyber Security Incident Update
CDPHP® has been notified by its vendor, Newkirk Products, Inc. (Newkirk), of a cyber security incident that may impact some CDPHP members. Newkirk, which was acquired by Broadridge Financial Solutions, Inc. on July 1, 2016, is a service provider that issues health care ID cards, as well as member and employer premium bills (where applicable) for CDPHP.
To date, there is no indication that any information has been used inappropriately. In addition, no CDPHP systems have been impacted as a result of this incident.
The information potentially accessed consists of names, mailing addresses, types of plans, member and group ID numbers, member dependents in some cases, and other information found on ID cards, as well as member premium bills. The server did not include Social Security numbers, dates of birth, banking or credit card information, medical information, or any insurance claims information.
An investigation is currently underway, and the appropriate law enforcement and government agencies have been notified. CDPHP members and ASO members who may have been affected are receiving notification by mail, and Newkirk is offering two years of free identity protection and restoration services from AllClear ID to those members.
Members may contact the AllClear ID call center at 1-855-303-9773 between the hours of 9 a.m. and 9 p.m. EST Monday to Saturday. Information regarding the incident, and FAQs, are available at www.newkirkproductsfacts.com.
Please know that the privacy and security of CDPHP members is of the utmost importance, and CDPHP is doing everything they can to safeguard members' information.
Feel free to contact your dedicated Marshall & Sterling Account Manager with any questions.