Medicaid Billing Company Data Breach Results in Exposure of Student Information In More Than 190 schools

Data breaches have become part of our everyday reality affecting governments, businesses, and individuals alike. In this blog post series, we take a look at recent breach incidents, analyse how they happened, and examine what can be done for your protection.

What Happened? 

Timberline Billing Service, LLC provides Medicaid billing and reimbursement services to numerous school districts throughout the state of Iowa. They recently experienced a data security incident impacting an estimated 116,131 individuals. 

 Sometime between February 12 and March 4 of this year, an unknown actor accessed the company’s network. They encrypted certain files and removed some information. It is not clear which schools were impacted. Along with Iowa, Timberline Billing Service has offices in Illinois and Kansas.  

What Information Was Involved? 

As a result of a breach of student personal information, the personal details of current and former students such as names, Social Security numbers, Medicaid ID numbers, billing or claims information, dates of birth, medical record numbers, treatment information and more, may have been exposed. 

What Are the Risks to You?

When a service or network is breached, your personally identifiable information (PII) can be accessed by hackers and can be made publicly available on the internet. The information stolen in data breaches is very often used for nefarious purposes. Fraudsters sell it on the dark web and exploit it to commit cybercrimes involving PII, like child, medical, criminal or tax and other types of identity theft. Additionally, your information may be used to establish a fake identity, known as synthetic identity fraud, in which a whole new identity is pieced together with fake and real information obtained from people-search sites, social media, and data breach exposures.  

Is There Anything You Can Do?

There’s not much you can do to prevent data breaches like this and you have little control over your personal information stored by the third-party services. When a data breach has already happened, your information shared with the service is already out there. What’s important now is to focus on minimizing the fallout to prevent identity-related crimes involving your PII. 

To remedy and protect personal information of potentially impacted individuals, Timberline recommends using complimentary credit monitoring and identity protection services. We here at OneRep couldn’t agree more. Safeguarding your personal information is essential to reducing the risk of identity theft after data breach incidents. OneRep privacy protection platform offers a 5-day trial to help you identify the sites that expose your personal information and initiate the automatic removal of your data. 

In addition, we recommend you to follow these security guidelines for individuals that will help avoid a data breach: 

#1 Use strong passwords and change them regularly

#2 Use multi-factor verification whenever possible to add an extra layer of security for your accounts.

#3 Install a password manager to encrypt your passwords.

#4 Check your email address on to make sure your personal data hasn’t been compromised in data breaches.

#5 Update your software and devices as soon as new versions are available.

#6 Be aware of recent scams and frauds. Scammers will never stop scamming. But you can catch up. Be up to date with the latest digital risks individuals face: 

Stay Informed

To protect your identity use the precautionary steps above and follow us on Facebook and Twitter for future data breach alerts.

Click here to view our protection plans and sign up for our free trial to  keep yourself safe online. 

Iryna Slabodchykava

Content Strategy Manager at OneRep | LinkedIn