(COLORADO) — MCNA Insurance Company (MCNA), which provides services to State Medicaid agencies and the Children’s Health Insurance Program, is reporting a data breach that may impact customers in Colorado.

According to a press release from MCNA, on March 6, the company was notified of unauthorized access to customer data, and said certain systems were infected with “malicious code.”

MCNA said the unauthorized third party was able to gain access to company systems and remove copies of some personal information in its computer system between Feb. 26 – March 7 of 2023.

The personal information that may have been accessed includes:

• Demographic and contact information such as name, date of birth, address, telephone, and email
• Social security numbers
• Driver’s license numbers or government-issued identification number
• Health insurance information, such as plan, insurer, government payor, member Medicaid/Medicare ID number
• Information on dental/orthodontic care
• Billing and claims information, such as account statements, and/or claim status, appeals, and reviews

MCNA said for some individuals, one or more of these data elements regarding the member’s parent, guardian, or guarantor may also have been accessed. MCNA did clarify that not all data elements were accessed for all individuals.

Affected members are being notified and MCNA said it is offering complimentary credit monitoring and identity theft protection services. Concerned individuals are encouraged to carefully review credit reports and statements, and report any suspicious activity to the company that maintained the affected account.

MCNA is also providing notice on its website for those members whose contact information may be insufficient.