A security breach exposed the personal information of an estimated 22,500 people enrolled in the Connecticut Medicaid program (HUSKY), according to the state Department of Social Services.
In a statement, the department said Gainwell Technologies provides fiscal agent and account administration services for HUSKY program which is administered by DSS. On March 25, 2026, DSS and Gainwell learned that an unauthorized third party had gained access to a small number of Hartford HealthCare’s payment accounts on the HUSKY provider portal website and downloaded certain files containing patient information from that website.
An investigation, supported by external cybersecurity experts and in coordination with federal law enforcement, determined that the unauthorized activity began when the threat actor used compromised credentials of Hartford HealthCare employees to access HHC user accounts on the provider portal on March 4.
In response, DSS and Gainwell secured the provider portal from further activity and terminated the unauthorized third-party user’s access. External cybersecurity experts investigated and determined that the attack had been contained. DSS and Gainwell are taking steps to implement additional security procedures to mitigate the risk of future incidents, according to the department.
According to external investigators, the attack appears financially motivated, rather than directed at obtaining patient data, the department said. Impacted information varied by individual, but could have involved the full name, Hartford HealthCare and Medicaid account or claim information numbers, dates of medical service, payment information and non-Medicaid health insurance information that could include policy and group number. Financial account and Social Security numbers were not available in the system that was attacked and were not involved in the incident, the department said.
DSS and Gainwell began notifying affected individuals via postal mail on May 22. The notification includes an offer of credit and identity monitoring services and certain fraud support services. Individuals who believe they may be impacted are encouraged to call 1-855-744-4488 for more information.
In a statement, a Gainwell spokesperson said protecting personal information was a top priority for the company and that the company had notified law enforcement and cybersecurity experts immediately upon learning of the incident.
“While this incident was a result of a bad actor compromising Hartford HealthCare employee credentials, we have added additional security measures to protect the HUSKY website and are offering two years of free identity theft protection and credit monitoring to potentially impacted patients,” the statement concluded.
