Hope Health Systems Inc.
Informational Website
This website is maintained by IDX on behalf of Hope Health Systems Inc. for the purpose of providing you with valuable services and information to mitigate any risks in the event that you experience identity theft as a result of this situation
Notice of Data Security Event
Hope Health Systems Inc. (“HHS”), recently became aware of potentially suspicious activity within certain HHS computer systems that may have impacted the privacy of certain consumer information. HHS took immediate steps to investigate the nature and scope of the event. HHS is issuing this notice to provide information about the incident and steps potentially impacted individuals may take to protect against misuse of their information, where appropriate.
WHAT HAPPENED?
On June 20, 2022, HHS discovered encrypted files on certain computer systems. They immediately launched an investigation with the assistance of third-party cybersecurity and digital forensic specialists to determine the nature and scope of the incident. The investigation determined that there was unauthorized access to certain HHS servers beginning on June 10, 2022. On or about August 24, 2022, HHS determined it was unable to rule out unauthorized access to data stored on its affected systems. The investigation found no evidence that specific information was actually viewed by an unauthorized individual, but the investigation was unable to rule this activity out with absolute certainty. As access to data stored within their system could not be ruled out, they immediately undertook a review of the data at issue. This process completed on or about October 18, 2022. While HHS does not have any evidence of misuse of any consumer information in connection with this incident, out of an abundance of caution, HHS is providing notice of the event so potentially affected individuals may take steps to better protect their personal information, should they feel it is appropriate to do so.
WHAT INFORMATION WAS INVOLVED?
The information potentially at risk varies by individual. HHS continues efforts to notify potentially affected individuals directly. While those efforts remain underway, the consumer information potentially at risk may include the following types of information: name, address, date of birth, Social Security number, driver’s license number, health insurance information, and medical information.
WHAT IS HHS DOING?
Information security remains one of the highest priorities for HHS. HHS is evaluating its existing policies, procedures, and processes, including those related to cybersecurity, to determine whether additional measures are appropriate in an effort to reduce the likelihood of a similar future event.
WHAT CAN I DO?
HHS will provide direct notice to potentially affected individuals for whom we have address information beginning on or about November 21, 2022. Additional information is included in that notice. We encourage all persons who receive services from HHS and their caregivers to remain vigilant against incidents of identity theft and fraud by regularly reviewing account statements, explanation of benefits forms, and free credit reports for suspicious activity and to detect errors. You may also review and consider the information and resources outlined in the below “Steps Individuals Can Take To Help Protect Their Information.”
FOR MORE INFORMATION.
We understand that individuals may have questions that are not addressed in this notice. Should individuals have questions regarding this event, they may call a dedicated assistance line at 1-833-896-4932, which is available Monday through Friday, 9 a.m. to 9 p.m. Eastern Time. Individuals may also write to HHS at 1726 Whitehead Road, Suite 106, Gwynn Oak, Maryland 21207.
STEPS INDIVIDUALS CAN TAKE TO HELP PROTECT THEIR INFORMATION
Monitor Your Accounts
Individuals are encouraged to remain vigilant against incidents of identity theft and fraud, to review account statements, explanation of benefits forms, and to monitor credit reports for suspicious activity and to detect errors. Under U.S. law you are entitled to one free credit report annually from each of the three major credit reporting bureaus. To order your free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228. You may also contact the three major credit bureaus directly to request a free copy of your credit report.
Consumers have the right to place an initial or extended “fraud alert” on a credit file at no cost. An initial fraud alert is a one-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Should you wish to place a fraud alert, please contact any one of the three major credit reporting bureaus listed below.
As an alternative to a fraud alert, consumers have the right to place a “credit freeze” on a credit report, which will prohibit a credit bureau from releasing information in the credit report without the consumer’s express authorization. The credit freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. However, you should be aware that using a credit freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, you cannot be charged to place or lift a credit freeze on your credit report. To request a credit freeze, you will need to provide the following information:
- Full name (including middle initial, as well as Jr., Sr., II, III, etc.);
- Social Security number;
- Date of birth;
- Addresses for the prior two to five years;
- Proof of current address, such as a current utility bill or telephone bill;
- A legible photocopy of a government-issued identification card (state driver’s license or ID card, etc.); and
- A copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft if you are a victim of identity theft.
Should you wish to place a credit freeze, please contact the three major credit reporting bureaus listed below:
Equifax | Experian | TransUnion |
https://www.equifax.com/personal/credit-report-services/ | https://www.experian.com/help/ | https://www.transunion.com/credit-help |
1-888-298-0045 | 1-888-397-3742 | 1-833-395-6938 |
Equifax Fraud Alert, P.O. Box 105069 Atlanta, GA 30348-5069 | Experian Fraud Alert, P.O. Box 9554, Allen, TX 75013 | TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016 |
Equifax Credit Freeze, P.O. Box 105788 Atlanta, GA 30348-5788 | Experian Credit Freeze, P.O. Box 9554, Allen, TX 75013 | TransUnion Credit Freeze, P.O. Box 160, Woodlyn, PA 19094 |
Additional Information
You may further educate yourself regarding identity theft, fraud alerts, credit freezes, and the steps you can take to protect your personal information by contacting the consumer reporting bureaus, the Federal Trade Commission, or your state Attorney General. The Federal Trade Commission may be reached at: 600 Pennsylvania Avenue NW, Washington, D.C. 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. You can obtain further information on how to file such a complaint by way of the contact information listed above. You have the right to file a police report if you ever experience identity theft or fraud. Please note that in order to file a report with law enforcement for identity theft, you will likely need to provide some proof that you have been a victim. Instances of known or suspected identity theft should be reported to law enforcement and your state Attorney General. This notice has not been delayed by law enforcement.
For Maryland residents, the Maryland Attorney General may be contacted at: 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; 1-410-528-8662 or 1-888-743-0023; and www.oag.state.md.us. Individuals may obtain information from these sources and/or the Federal Trade Commission using the contact information noted above about steps you can take to avoid identity theft. Individuals may also write to HHS at 1726 Whitehead Road, Suite 106, Gwynn Oak, Maryland 21207.
Enrollment
As a result of this incident and at no cost to you, Hope Health Systems Inc. is offering IDX identity theft protection services which helps protect your identity with:
Enroll Now-
Credit Monitoring
Credit monitoring (for adults) that alerts you to any changes to your credit report
-
Dedicated Experts
Access to Fraud Resolution Representatives to resolve identity theft issues
-
CyberScan™
CyberScan will monitor criminal websites, chat rooms, and bulletin boards for illegal selling or trading of your personal information
-
Exclusive Information
Exclusive educational materials on protecting your identity including instructive articles, up-to-date information on new identity theft scams and tips for protecting yourself
-
ID Theft Insurance
Up to $1,000,000 in insurance reimbursements, covering certain expenses that you may incur in responding to an ID theft event
Frequently Asked Questions
What Happened?
- What Happened?
On June 20, 2022, HHS discovered encrypted files on certain computer systems. They immediately launched an investigation with the assistance of third-party cybersecurity and digital forensic specialists to determine the nature and scope of the incident. The investigation determined that there was unauthorized access to certain HHS servers beginning on June 10, 2022. On or about August 24, 2022, HHS determined it was unable to rule out unauthorized access to data stored on its affected systems. The investigation found no evidence that specific information was actually viewed by an unauthorized individual, but the investigation was unable to rule this activity out with absolute certainty. As access to data stored within their system could not be ruled out, they immediately undertook a review of the data at issue. This process completed on or about October 18, 2022. While HHS does not have any evidence of misuse of any consumer information in connection with this incident, out of an abundance of caution, HHS is providing notice of the event so potentially affected individuals may take steps to better protect their personal information, should they feel it is appropriate to do so.
- WHAT INFORMATION WAS INVOLVED?
The information potentially at risk varies by individual. HHS continues efforts to notify potentially affected individuals directly. While those efforts remain underway, the consumer information potentially at risk may include the following types of information: name, address, date of birth, Social Security number, driver’s license number, health insurance information, and medical information.
- WHAT IS HHS DOING?
Information security remains one of the highest priorities for HHS. HHS is evaluating its existing policies, procedures, and processes, including those related to cybersecurity, to determine whether additional measures are appropriate in an effort to reduce the likelihood of a similar future event.
- WHAT CAN I DO?
HHS will provide direct notice to potentially affected individuals for whom we have address information beginning on or about November 21, 2022. Additional information is included in that notice. We encourage all persons who receive services from HHS and their caregivers to remain vigilant against incidents of identity theft and fraud by regularly reviewing account statements, explanation of benefits forms, and free credit reports for suspicious activity and to detect errors. You may also review and consider the information and resources outlined in the below “Steps Individuals Can Take To Help Protect Their Information.”
- FOR MORE INFORMATION.
We understand that individuals may have questions that are not addressed in this notice. Should individuals have questions regarding this event, they may call a dedicated assistance line at (833) 896-4932, which is available Monday through Friday, 9 a.m. to 9 p.m. Eastern Time. Individuals may also write to HHS at 1726 Whitehead Road, Suite 106, Gwynn Oak, Maryland 21207.
Minor Support Information
- Why can’t I pull my child’s credit report?
Most minors, under the age of 18, do not have a credit history established and are under the age to secure credit, therefore there is no credit report to pull.
- How can I check to see if someone has created a credit file using my child’s information?
TransUnion offers a secure online form that you can use to submit your child’s information to see if a credit file exists. Click here to go directly to the secure online form.
Additional information on child ID theft can also be found here.
Decedent Support Information
- What kind of coverage will the membership offer to someone who is deceased?
With this enrollment we will provide you, their legal representative, resolution assistance should they fall victim to fraudulent activity. The protection services apply to their identity, but the membership is truly there to support you if something were to happen.
- Why can’t I activate/authenticate the monitoring product for a deceased individual?
In most cases, decedents cannot be authenticated because the Social Security Administration or their legal representative (spouse, child, etc.) has already notified the credit bureaus that the person is deceased. If the credit bureaus have “frozen” the decedent’s credit files, the risk of identity theft has been significantly reduced.
Please know that the membership still provides recovery services to support you, their legal representative, if something was to happen; which is the real and true value.
- Is it possible to steal a deceased person’s identity?
Unfortunately, it is possible to steal the identity of someone who is deceased. Identity thieves obtain information about deceased individuals in various ways.
- How can someone steal a deceased person’s identity?
They may watch the obituaries, steal death certificates, or even get the information from websites that offer the Social Security Death Index file (which is actually intended for genealogy research).
- Does the Social Security Administration notify the credit bureaus and other financial institutions when someone is deceased?
Yes, but please be aware that it takes time for the Social Security Administration to conduct this notification, so financial institutions and the credit bureaus are not immediately made aware that a customer is deceased.
- Should I notify the credit bureaus when a dependent family member or spouse passes away?
Yes, you should immediately notify each credit bureau (Equifax, Experian, and TransUnion) in writing that the person is deceased and ask that a deceased alert be placed on their credit report.
- How do I place a deceased alert on the credit file?
You will want to notify each credit bureau (Equifax, Experian and TransUnion) in writing the following message:
“Deceased. Do not issue credit. If an application is made for credit, notify the following person(s) immediately: (list the next surviving relative, executor/trustee of the estate and/or local law enforcement agency- noting the relationship).”
Mail all correspondence via certified mail, return receipt requested. Be sure to keep photocopies of all correspondence, including letters that you send. Finally, you should also request a copy of the credit report.
Equifax
PO Box 740260
Atlanta, GA 30374Experian
PO Box 9554
Allen, TX 75013
(888)397-3742TransUnion
PO Box 2000
Chester, PA 19022- What documents will I need to send to the credit bureaus alerting them that the person is deceased?
You will need to include:
- A copy of the death certificate
- Name and SSN of deceased
- Last known address
- Date of birth
- Date of death
- Should I notify other financial institutions regarding the death?
Yes, immediately notify relevant credit card companies, banks, stock brokers, loan/lien holders, and mortgage companies of the death. The executor or surviving spouse will need to discuss all outstanding debts and how they will be dealt with. You will need to transfer the account to another person or close the account. If you close the account, ask them to list it as: “Closed. Account holder is deceased.” You may need to provide a copy of the death certificate to creditors as well as the credit bureaus. You should also notify utilities, phone companies, cell phone companies, etc, that you are terminating the account because the account holder is deceased.
- What happens if I do not notify the credit bureaus that the person is deceased?
Without a specific communication, the credit bureaus may not be aware of the death. An active credit file may stay open for up to 10 years without activity. During this time, an identity thief may use the decedent’s Social Security number to open up new lines of credit or apply for loans.
- What steps should be taken if I (surviving spouse or estate executor) suspect that someone is fraudulently using the information of a deceased person?
There are several steps that should be taken:
- You should request a copy of the decedent’s credit reports and place a “deceased alert” on the credit files
- You should also notify the police in the decedent’s jurisdiction and provide any evidence you have of the fraud (collection notice, bills, credit report)
- Notify any creditor, collection agency, credit issuer, utility company that the person is deceased and date of death. Be sure to include a copy of the death certificate. Request an immediate investigation and that they contact you with the results of the investigation. Insist on “Letters of Clearance,” which you should keep with the other estate papers.
- What should be done about joint accounts?
If there is a surviving spouse or other joint account holders, make sure to notify the company that the deceased’s name needs to be removed from the account. They may require a copy of the death certificate to do this, as well as permission from the survivor, or other authorized account holders.
- Is it possible to order a credit report for a deceased person?
If the credit bureaus have been notified of the deceased person’s death, it is not possible to order their credit report. The easiest way to determine this is to try to place a fraud alert for the deceased person. If the fraud alert is placed, then the bureaus have NOT been notified of the person’s death and ordering a report is possible. If you are informed that the fraud alert cannot be placed because the person is deceased, then you know that the bureaus have updated their records and that you will not be able to order a credit report.
Additional Resources
Fraud Alerts
On request, any of the three nationwide consumer credit reporting companies can place a free fraud alert in your file to alert potential creditors that you may be a victim of identity theft; a fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you.
A fraud alert will help prevent someone from opening new accounts in your name. As soon as one credit reporting bureau confirms your fraud alert, the others are automatically notified to place fraud alerts as well. All three bureaus will mail you a confirmation letter and you will be able to order complimentary credit reports for your review.
The easiest way to place an alert is by visiting www.transunion.com or https://fraud.transunion.com/fa/fraudAlert.
You will answer some questions to confirm your identity, and then a 90-day fraud alert will be added to your credit file. TransUnion will give you access to view your report online. You should examine it carefully for accuracy. TransUnion will also share this information with Equifax and Experian who will both mail you confirmation letters containing a number to call to order complimentary copies of your credit reports for review.
To contact one of the credit reporting bureaus, please see below:
Equifax: 1-800-525-6285
PO Box 740260
Atlanta, GA 30374Experian: 1-888-397-3742
PO Box 9554
Allen, TX 75013TransUnion: 1-800-680-7289
PO Box 2000
Chester, PA 19016It is only necessary to contact one of these bureaus and use one of these methods.
You will not be charged for this service. Please note placing a fraud alert may delay your ability to open new lines of credit quickly.
Annual Credit Report
Whether or not you choose to enroll in the IDX identity protection program, you can order a copy of your credit report, for free, once a year from each credit reporting bureau. You can obtain a free credit report by visiting www.annualcreditreport.com or by calling 1-877-322-8228.
Review Your Credit Report
When you receive any credit report, you should review it carefully. Look for accounts you did not open. Look for inquiries from creditors that you did not initiate. Look for personal information, such as home address, employment or Social Security numbers, that are not accurate. If you see anything you do not understand, call the credit reporting bureau at the telephone number on the report.
If your credit report indicates fraud or identity theft, call your local police or sheriff’s office and file a report of identity theft. Get a copy of the police report. You may need to give copies of the police report to creditors to clear up your records. If you suspect that you may be a victim of identity theft and you have enrolled in the IDX identity protection program, you should contact them immediately. You will be able to speak with a knowledgeable advocate about your situation and, if needed, they will open a case to resolve the identity theft on your behalf.
For More information
Should you wish to learn more about identity theft and how to protect yourself, you may contact the Federal Trade Commission at 1-877-438-4338. The FTC website, www.consumer.ftc.gov, also offers additional information on identity theft that you may find helpful.
Security Freezes
The security freeze (or credit freeze) is an option best reserved for people who have experienced extreme identity theft. Because the freeze essentially locks down your credit, it is not a good option for people who are simply seeking extra protection for their credit. We feel that credit monitoring, fraud alerts, and victim restoration services are more than sufficient options for defense against identity theft.
A security freeze will not prevent you from enrolling in our services. You can certainly sign up with us and do not need to lift the freeze to do so. The reason for this is because we do not request your Social Security number to enroll—only name, address, phone, and email. None of these items would necessitate a credit inquiry. However, a security freeze will affect your ability to activate the monitoring portion of your membership. To activate the monitoring portion you will need to temporarily lift your security freeze.
To learn more about security freezes and relevant state laws, contact your State Attorney General’s office or visit the Federal Trade Commission’s website for credit freeze information.
Please note that you must have an established credit file and credit history to place a fraud alert, a credit freeze or utilize www.annualcreditreport.com.