NAHGA Claims Services Data Breach Affects Many

On April 13, 2025, NAHGA Claims Services, a national third-party administrator specializing in accident and health insurance claims, discovered unusual activity on its network systems. Sn investigation with the help of independent cybersecurity experts revealed that, between April 8 and April 10, 2025, files were accessed and potentially acquired by an unauthorized party.

A comprehensive review of the affected files determined that personal information was involved. The exposed data may have included names and additional sensitive details such as Social Security numbers, medical information, insurance policy numbers, and other personally identifiable information (PII) and protected health information (PHI) relevant to insurance claims.

The breach affected individuals associated with NAHGA’s clients, which include schools, colleges, youth camps, daycare centers, volunteer groups, and sports organizations. The exact number of affected individuals has not been disclosed at the time of publishing, but the scope is significant given NAHGA’s national client base and the nature of the data handled.

Attackers were able to acquire files containing sensitive data over a two-day period before the activity was detected. The breach was not the result of a known vulnerability or employee error, but rather a targeted intrusion into NAHGA’s systems.

For more details, the official notice can be reviewed on the South Carolina Attorney General’s security breach disclosure page.

NAHGA Claims Services's response

The company has since implemented enhanced security measures to reduce the risk of future incidents.

NAHGA is offering complimentary identity theft protection services through IDX, a leading data breach recovery provider. Impacted individuals are eligible for up to 24 months of credit and CyberScan monitoring, a $1 million insurance reimbursement policy, and fully managed identity theft recovery services.

Minors are eligible for CyberScan monitoring, insurance reimbursement, and recovery support. Instructions for enrolling in these services are included in the official notice sent to affected individuals.

Those who may have been affected are encouraged to:

• Review account statements and credit reports for suspicious activity
• Consider placing a fraud alert or security freeze on credit files
• Take advantage of the free identity protection services offered
• Report any suspected identity theft to law enforcement or the Federal Trade Commission