
Meridian Health Plan of Illinois, a managed care health plan that provides government-sponsored coverage in Illinois, disclosed a data breach that affected approximately 21,027 individuals in the United States.
Meridian of Illinois learned of the incident on April 28, 2026. An unauthorized individual gained access to certain member information through the Meridian provider portal. A provider portal is a secure online system that health care providers typically use to manage patient information and process claims.
The types of personally identifiable information (PII) exposed in the breach included member names, contact information and dates of birth.
The types of protected health information (PHI) exposed in the breach included Member ID numbers, health plan name, limited eligibility or claims-related details, and limited provider or claim-related details.
The breach was disclosed to the U.S. Department of Health and Human Services on June 19, 2026. Meridian of Illinois also posted a provider portal incident notice on its website on June 17, 2026.
Meridian of Illinois provided a notice with detailed guidance on how affected individuals could protect themselves from potential identity theft. This included information about the three major credit reporting agencies and explained how individuals could place fraud alerts or freeze their credit reports.
The company's notice provided identity theft protection guidance but did not include an offer of free credit monitoring or identity protection services for affected individuals.
For those with questions about the incident, the company directed them to contact Meridian Member Services at 866-606-3700 (TTY 711), available Monday through Friday from 8 a.m. to 5 p.m.








.webp)
.webp)
.webp)

.webp)
.webp)
.webp)
.webp)