The online hack occurred in March. Fortunately, the hacker failed to gain access to anyone’s Social Security numbers or financial account information.
HARTFORD, Conn. — Hartford HealthCare’s payment accounts on the HUSKY provider portal website were hacked in March, as a criminal accessed the personal information of approximately 22,500 people.
The Connecticut Department of Social Services issued a report on Friday describing the online incident, which has since been contained.
Gainwell Technologies provides fiscal agent and account administration services for HUSKY, which is better known as the Connecticut Medicaid program.
Hartford HealthCare officials note that the HUSKY provider portal website is maintained entirely by Gainwell.
On March 26, DSS and Gainwell officials learned that an unauthorized third party gained access to numerous Hartford HealthCare payment accounts and downloaded files containing patient information from the website.
Once the teams at DSS and Gainwell became aware of the bad actor, they launched a thorough investigation with help from external cybersecurity experts and federal law enforcement personnel.
Investigators found that the unauthorized activity started when the bad actor used compromised credentials of Hartford HealthCare employees to break into Hartford HealthCare user accounts on the provider portal. This began March 4.
Following the incident, DSS and Gainwell employees secured the provider portal from further activity and terminated the unauthorized third party’s access to the impacted portion of the environment.
Investigators informed law enforcement and worked with the cybersecurity experts to contain the attack. The bad actor no longer has access to the portal.
DSS and Gainwell officials are now working to put tighter security in place to prevent similar incidents down the line.
According to the report, it appears that the bad actor was financially motivated and less focused on stealing data.
Still, the criminal gained access to information regarding approximately 22,500 people.
Investigators found that while the information varied per person, the bad actor mostly accessed names, Hartford HealthCare account IDs, Medicaid claims, dates of medical services, information about services received and how they were billed, payment information such as amounts paid and information about applicable non-Medicaid health insurance.
The report emphasizes that the incident did not involve Social Security numbers or financial account information leaks, as that information is not available in the system that the criminal hacked into.
The DSS and Gainwell teams began notifying people Friday who were impacted by mailing letters.
The notification includes an offer of credit and identity monitoring services, as well as fraud support services.
Those who believe they may have been affected by the hack are encouraged to call 1-855-744-4488 for more information or assistance.
The DSS report did not provide an update regarding the investigation into who is responsible for hacking the system.
On Friday evening, Hartford HealthCare issued a statement in an effort to clarify potential misinformation.
“Protecting patient information and maintaining the trust of those we serve is a top priority for Hartford HealthCare,” it reads.
The statement notes that around March 25, Hartford HealthCare identified “unusual activity” involving several accounts pertaining to Medicaid claims submissions and payments.
Again, Hartford HealthCare officials emphasize in their statement that the portal is hosted and maintained by Gainwell.
“It is not maintained by Hartford HealthCare,” the statement reads. “Hartford HealthCare immediately alerted both Gainwell and DSS about its concerns with the Gainwell portal, so that Gainwell could investigate and address that matter.”
The statement continues to note that no patient information hosted by Hartford HealthCare was the subject of the incident, and no Hartford HealthCare systems, portals or websites were involved.
“The letter that Gainwell sent to affected individuals on May 22, 2026, states that Gainwell learned that a bad actor had downloaded certian files containing patient information from the HUSKY website,” the statement reads. “Because this incident involved non-Hartford HealthCare infrastructure, any questions regarding the scope of the issue, notifications or next steps should be directed to Gainwell.”
FOX61 has reached out to Gainwell and will add their response as soon as one is received.
Dalton Zbierski is a story desk editor and writer at FOX61 News. He can be reached at dzbierski@FOX61.com.
Do you have a story idea or something on your mind you want to share? We want to hear from you! Email us at newstips@fox61.com.
HERE ARE MORE WAYS TO GET FOX61 NEWS
Download the FOX61 News APP
iTunes: Click here to download
Google Play: Click here to download
Stream Live on ROKU: Add the channel from the ROKU store or by searching FOX61.
Steam Live on FIRE TV: Search ‘FOX61’ and click ‘Get’ to download.
Click Here For The Original Source.
