Brightline Security Break

May 5, 2023

Some UA Employees received a letter in the mail from Brightline last month regarding a data security breach, and a subsequent follow-up email from UA HR two weeks ago. If you received neither the letter nor the email, you were not impacted by the data breach. 

What Happened and Who is Impacted

Brightline provides mental and behavioral health care services to children, and all UA employees with child dependents covered on their health plan are eligible to use their services. Brightline determined that a third-party contractor (Fortra) they utilized suffered a data breach in January. The third party took action to secure their systems and coordinated with Brightline to identify impacted individuals. Again, if you did not receive a letter from Brightline or email from HR about this breach, your data was not impacted.

The breach potentially exposed the following information to unknown people or organizations:

  • Full Legal Names of employees with child dependents covered by a UA health plan
  • Full Legal Names of child dependents
  • Gender of child dependents
  • Dates of birth of child dependents

No Social Security numbers or financial accounts were accessed in the data breach, nor did the exposed information contain anything related to medical services, conditions, diagnoses, or claims for the plan participant or their dependents. Letters from Brightline may have been addressed to both you and your child dependents due to how Brightline and Premera handle protected health information.

What to Do Next

As a precaution, Brightline is providing two years of free credit monitoring through Cyberscout to impacted employees, to which you can opt-in by following the instructions in the letter you received. They have also established a hotline to address questions you may have at 1-833-570-2987. We encourage you to take advantage of this service, even if you are unsure whether your or your children’s information was compromised.

If you have any questions or concerns, you may reach out to HR, but we do encourage you to contact Brightline directly first, as their information may be more timely than ours moving forward. You may also visit hellobrightline.com/fortra-data-notice, for more information, further details, and updates.

UA takes data security very seriously and we are committed to ensuring that your personal information is protected. We apologize for any confusion the letters may have caused, and encourage you to take advantage of the free credit monitoring to help protect yourself and your family.