Oregon Medicaid insurers data breach could lead to insurance fraud The Lund Report

pThe states biggest insurer of health care for low income people notified more than 5000 of its members last month two months after a data breach that their personal information had been viewed by unauthorized people and that the information could have been used for insurance fraudppThe breach happened in late October at CareOregon which manages Medicaid benefits for about 500000 people statewide The nonprofit told people in a vague letter two months later on Dec 26 that some of their information had been viewed without permission ppOn October 27 2025 we learned that one or more people looked at your information without permission the notice said CareOregons notice did not explain how the breach occurred and its leadership declined to comment on the details when contacted by The Lund ReportppA spokesperson for the company said 5473 of its members were affected by the breach including 4415 served by CareOregon in the Portland area through Health Share of Oregon Members served by CareOregons two other affiliates were also affected ppThe spokesperson said the company informed members of CareOregon along with those served by Jackson Care Connect in Jackson County and people insured by Columbia Pacific which serves Medicaid members in Clatsop Columbia and Tillamook counties Oregons version of Medicaid is called the Oregon Health PlanppAn Oregon Department of Justice notice of the breach said it happened between the end of May and end of October last year and that it was discovered Oct 17ppThe data included peoples names date of birth Medicaid and Medicare numbers health plan information and primary care providers office the letter said It added that the breach did not include peoples Social Security numbersppThe letter said that the stolen information could have been used to create fake insurance claims but that the company had no idea whether that had happened It warned them to disregard any bills stemming from CareOregon or Health Share of OregonppWe do not bill you for any covered health care services the letter said You will not receive a bill even if your data was used to create a fake insurance claimppThe letter said the information would not be enough for someone to open a fake bank or other financial account But it still urged affected members to monitor their financial information for any fraudulent activity ppIts unclear from the letter whether the data breach originated from inside or outside the organizationppThe breach was one of hundreds in the health care sector affecting at least 57 million people last year according to the HIPAA JournalppThe letter said the company is taking this event very seriously and has reported it to law enforcement It also said itppMembers affected by the breach may get a letter listing health services they should have received and they should alert CareOregon if they had not received any services on the list ppConsumers can get free copies of their credit reports every 12 months by going online at httpsannualcreditreportcom They can also call the tollfree number 8773228228 for help or contact any of the three main credit agenciesppFor more information cal 8883670355 which is toll free from 12 pm to 12 am Pacific Standard Time ppSign up for our health news updatesppSecurely submit an anonymous news tip or confidential documentppDONATEppSupport our journalism by making a taxdeductible giftppThe Lund ReportppPO Box 82841ppPortland OR 97282ppemail protectedpp5038948548pp 2026 The Lund Reportp