Who: Health Alliance Plan

# of Accounts Breached: More than 120,000

What was affected: Customers’ names, addresses, dates of birth, member identification numbers, health care provider names, patient identification numbers and claim information, such as the service codes and payment amounts.

When it happened: September 23, 2018

How it happened: Letters notifying customers of the breach were sent by Wolverine Solutions Group, a Detroit-based company HAP hired to manage its mailing services. The letters said the security problem occurred on or around Sept. 23, when Wolverine Solutions Group “experienced a ransomware incident — ​malicious software that attacked and locked up our servers and workstations.

Outcome: The company is offering AllClear ID for identity protection for one year for HAP employees whose information may have been compromised.The letter mailed to affected HAP customers says Wolverine Solutions Group is trying to ensure it doesn’t happen again: “We have migrated to a different computer system that has added protection and are training our workforce in safeguards.”