Dominion National reveals data breach began 9 years ago

The dental and vision benefits insurer and administrator has announced a data breach that may have occurred as early as August 25, 2010. 

In a statement the company revealed that the data security incident had been detected on April 24, 2019 following an investigation of an internal alert. It was soon discovered that an unauthorised party may have had access to some of the computer servers since 2010. 

Dominion National President, Mike Davis wrote:

“After learning of this, we moved quickly to clean the affected servers and implement enhanced monitoring and alerting software. We also contacted the FBI and will continue to work with them during their investigation.

“We have undertaken a comprehensive review of the data stored or potentially accessible from those computer servers and have determined that the data may include enrollment and demographic information for current and former members of Dominion National and Avalon vision, and current and former members of plans we provide administrative services for.”

The company also stated that the data on the servers may have included personal information for producers “who placed Dominion National and Avalon vision policies, and healthcare providers participating in the insurance programs of Dominion National”. 

The member information may include names, email addresses, dates of birth, Social Security Numbers, addresses and much more. It is also possible that members who had enrolled online through the Dominion Nationals’ website, their bank account and routing numbers may have been included in the data. 

“We have no evidence that any information was in fact accessed, acquired, or misused. However, we began mailing notification letters to potentially affected individuals on June 21, 2019, and we have established a dedicated incident response line to answer any questions.”

“We regret any inconvenience or concern this may cause you. We want you to know that protecting your information is incredibly important to us, as is helping you through this situation by providing you with the information and support you need.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.