Skip to main content

Notice: One of our vendors, NationsBenefits, LLC, experienced a cybersecurity incident that affected certain members’ personal information. Learn more.


NationsBenefits security incident: What SCFHP members need to know

Member news | Friday, May 12, 2023

Santa Clara Family Health Plan (SCFHP) works with NationsBenefits Holdings, LLC (NationsBenefits), to provide services to our members. We securely share member information with NationsBenefits to provide a plan benefit.

A vendor NationsBenefits used was recently the victim of a cyberattack. As part of the security incident, the following information from certain members may have been affected:

  • Name and contact information
  • Date of birth
  • SCFHP member ID number
  • Medi-Cal Client Index Number (CIN)
  • Medicare Beneficiary Identifier (MBI)

Social Security Numbers (SSN) were not included.

SCFHP was notified of the incident on February 22, 2023. We worked as quickly as possible to identify impacted members. You may have received a letter from SCFHP in April explaining the incident.

We understand you may have questions about this incident. Here are some frequently asked questions below:

Frequently asked questions:

What happened?

On February 7, 2023 NationsBenefits learned that its vendor Fortra, LLC (Fortra) had some of its data stolen. Fortra helped NationsBenefits securely exchange files with SCFHP using Fortra software called GoAnywhere. Fortra was the victim of a cybersecurity hacking incident that it discovered on January 30, 2023.

What did NationsBenefits do?

NationsBenefits secured its systems as soon as it found out. It took the following actions:

  • Stopped using Fortra’s software
  • Launched a probe with law enforcement and a cybersecurity firm
  • Looked to see if member information was affected
  • Started using a new secure file transfer protocol (SFTP) solution with Microsoft Azure. The Azure SFTP solution has many features that enhance security
  • Told SCFHP on February 22, 2023, that some of your information was affected.

What information was involved?

The types of personal information involved included:

  • Your name and contact information
  • Your date of birth
  • Your SCFHP member ID number
  • Your Medi-Cal Client Index Number (CIN)
  • Your Medicare Beneficiary Identifier (MBI)

Social security numbers were not included.

What steps is SCFHP taking to ensure this doesn’t happen again?

SCFHP has kept in contact with NationsBenefits about this matter. We are working with NationsBenefits to implement their new SFTP policy. NationsBenefits has taken their GoAnywhere server permanently offline and implemented a new SFTP solution utilizing Microsoft Azure. The Azure SFTP solution has many features that enhance security.

What can members do to protect their information?

Be aware of any identity theft or fraud. Watch your account statements. Keep track of your financial accounts for any unusual activity.

Track your bank information regular and report any suspicious or fraudulent activity to your bank or credit card company. Report identity (ID) theft to the Federal Trade Commission (FTC) online at or by phone at 1-877-438-4338.

To be extra safe, NationsBenefits is offering you identity protection services through Experian’s® IdentityWorksSM. This service will be provided to you at no cost for 24 months. This product provides you with credit monitoring, identity theft resolution services, and $1,000,000 of identity theft insurance. Information on activating the membership was provided in a letter sent to impacted members.

Who should I contact if I have more questions?

If you have more questions, call NationsBenefits Customer Assistance Line: 1-866-313-7993. The hotline operating hours are Monday through Friday between 6 a.m. and 6 p.m. Pacific Time, excluding major U.S. holidays.