Current HAP Data Breach(es)

Toll‑free member hotline: (866) 291-2114

May 11, 2026

Berkeley Research Group, LLC (BRG) is notifying some HAP members of a security incident that may have affected their protected health information.  BRG is a consulting firm for Express Scripts, HAP’s Pharmacy Benefit Manager.

On March 2, 2025, BRG discovered suspicious network activity including indicators of compromise consistent with a ransomware attack (the “Incident”). Upon discovery, BRG immediately took steps to contain and remediate the situation, including taking systems offline, engaging cybersecurity and privacy professionals to assist, and beginning a forensic investigation, which identified that unauthorized activity occurred between February 28, 2025, and March 2, 2025.

BRG is notifying some HAP members whose protected personal information was contained in the affected files. This personal information may include name, address, date of birth, Social Security number, tax identification number, passport number, driver’s license number or government ID, financial and bank account information, at times in combination with pin, security code, or login credentials, payment card number at times in combination with additional details, username and password, medical information, and health insurance information. Note that this describes general categories of information identified as present within the affected systems during the incident and it includes categories that are not relevant to each individual. 

HAP members with questions, or those who believe they were affected but did not receive a notification letter, may contact BRG’s toll-free assistance line at (866) 291-2114 Monday through Friday from 9am through 6:30pm Eastern Time (excluding U.S. holidays).
 

Toll‑free member hotline: (866) 686-2607

April 2, 2026

HAP (Health Alliance Plan) has notified some of their members about a data breach that occurred with our third-party partner, Pinnacle Holdings, LTD (“Pinnacle Holdings”). 

 Here are important facts to know:  

  • On November 25, 2024, Pinnacle Holdings experienced a network disruption. Their investigation determined that between November 11, 2024, and November 25, 2024, an individual accessed a limited portion of their network by exploiting a vulnerability in a VPN. The individual did not encrypt Pinnacle Holdings’ data and Pinnacle Holdings was able to continue operations; however, the individual copied certain information from Pinnacle Holdings’ network.
  • The affected information may have included patient name, address, phone number, email address, Social Security number, driver’s license/state ID number, date of birth, medical diagnosis/treatment information, prescription information, date of service, patient ID number, provider name, medical record number, Medicare/Medicaid number, health insurance information, health insurance claim number, health insurance policy number, and/or treatment cost information. However, the information related to HAP customers may only contain a limited subset of the information noted above.

Pinnacle Holdings has a toll-free call center to answer questions about the incident, provide access to free credit monitoring and identity protection services for potentially affected individuals, and address related concerns. The call center is available between the hours of 7:00 AM and 4:30 PM Mountain Time, Monday through Friday, excluding major U.S. holidays, and can be reached at (866) 686-2607. You can also reach us by writing to 9085 E. Mineral Circle, Suite 110, Centennial, CO 80112.

Toll‑free member hotline: (888) 406-8920

 February 5, 2026

Conduent Business Services LLC, third-party service provider, had the following incident occur between Oct. 21, 2024, to Jan. 13, 2025:  

  • On Jan. 13, 2025, Conduent discovered a cyber incident that affected a limited portion of its network. Conduent reports that it immediately secured its systems and began an investigation with third-party forensic experts.
  • Their investigation determined that an unauthorized third party accessed its environment and obtained certain files containing personal information that Conduent maintained while providing services to HAP. Conduent states that it is not aware of any attempted or actual misuse of the information involved.

Conduent is notifying HAP members whose protected personal information was contained in the affected files. This personal information may include name, address, medical information and other data elements. Not every data element was present for every impacted member.

HAP members with questions, or those who believe they were affected but did not receive a notification letter, may contact Conduent toll-free at (888) 406-8920, Monday through Friday, 9 a.m. to 6:30 p.m. EST.