NAHGA Claims Services Data Breach Affects 181K People Exposing Social Security Numbers

On April 13, 2025, NAHGA Claims Services, a national third-party administrator specializing in accident and health insurance claims, discovered unusual activity on its network systems.

An investigation with the help of independent cybersecurity experts revealed that, between April 8 and April 10, 2025, files were accessed and potentially acquired by an unauthorized party. A review of the affected files determined that personal information of 181,160 people was involved.

The exposed data may have included names and additional sensitive details such as Social Security numbers, medical information, insurance policy numbers, and other personally identifiable information (PII) and protected health information (PHI) relevant to insurance claims. Exposure of PII and PHI puts individuals at risk of identity theft and medical fraud.

The U.S. Department of Health and Human Services disclosed that 26,906 individuals' PHI information have been affected.

NAHGA has disclosed the breach to the Attorney Generals' offices in the following jurisdictions:

• South Carolina (4,381 impacted)
• Massachusetts (1,017 impacted)
• Maine (474 impacted)
• New Hampshire (337 impacted)
• Texas (46,372 impacted)
• Washington (1,621 impacted)
• Iowa (929 impacted)
• Montana (10 impacted)
• Oregon (residents impacted not reported)
• Vermont (residents impacted not reported)
• California (residents impacted not reported)

Impacted individuals have been notified by mail.

NAHGA Claims Services' response

The company has since implemented enhanced security measures to reduce the risk of future incidents. NAHGA is offering complimentary identity theft protection services through IDX, a leading data breach recovery provider. Impacted individuals are eligible for up to 24 months of credit and CyberScan monitoring, a $1 million insurance reimbursement policy, and fully managed identity theft recovery services.

Those who may have been affected are encouraged to:

• Review account statements and credit reports for suspicious activity
• Consider placing a fraud alert or security freeze on credit files
• Take advantage of the free identity protection services offered
• Report any suspected identity theft to law enforcement or the Federal Trade Commission

For more information, impacted individuals can contact the company's dedicated team at 844-274-4845, Monday through Friday, from 9am to 9 pm ET.