Notice to our Members Regarding a Privacy Incident
Community Link, Inc. (“Community Link”) is committed to protecting the confidentiality of our members’ information. Regrettably, this notice concerns an incident involving some of that information.
On May 3, 2017, our Information Technology Security Team discovered an unauthorized party had gained access to one of our employee’s work email accounts. We immediately locked down the email account and began an investigation, which showed that an actor had access to the employee’s email account from 9:49 a.m. – 1:52 p.m. on May 3, 2017. An email in the employee’s account contained a limited number of members’ information, including member names, social security numbers, and member identification numbers, which are social security numbers.
While we have no evidence that our members’ information was ever accessed or used in any way, out of an abundance of caution, we mailed letters to affected members on June 30, 2017 and established a dedicated call center to answer member questions. We are also offering affected members a free one-year memberships of Experian’s® ProtectMyId® Alert. Information on how to activate the subscription was included in the letters sent to affected individuals. If you believe you may have been affected but have not received a letter by July 20, 2017, please call 1-855-878-8555 from 8:00 a.m. and 5:00 p.m. Central Time, Monday through Friday.
Community Link deeply regrets any inconvenience or concern this may cause our members. To help prevent something like this from happening in the future, we have implemented additional security measures for the access of email and use of mobile devices, requiring additional password protection on spreadsheets containing protected health information and conducting refresher training with staff on privacy and security policies and procedures.