This notice is to advise VillageCareMAX members of a security incident that may have impacted their personal data. On March 18, 2025, VillageCareMAX was notified that our dental benefits administrator, Liberty Dental, was impacted by the Change Healthcare (“CHC”) security incident. CHC provides services to health care providers, health insurance plans and other companies, from which members may have received health services or coverage. Because CHC works as a vendor to health care providers and health insurance plans, personal information, including your health information, may have been impacted in this incident. We are posting this substitute notice to provide members with information about the security incident and to share resources available to individuals who believe their personal data was potentially impacted.
CHC has been reviewing information since the date of the original event and providing impacted health care providers, health insurance plans and other companies with notification of impact to their patients and/or members once identified. CHC is not aware of any misuse of any impacted individuals’ information as a result of the incident.
What happened?
On February 21, 2024, CHC found activity in their computer system that happened without their permission. They quickly took steps to stop that activity. CHC began an investigation and hired a special team to assist them in their review. They also contacted law enforcement and turned off their systems to help protect their customers and their customers’ patients/members.
On March 7, 2024, CHC was able to confirm that a cybercriminal was able to see and make copies of some of the data in their system. According to CHC this happened between February 17, 2024 and February 20, 2024.
On March 18, 2025, VillageCareMAX was notified that Liberty Dental had been impacted by the above-described security incident.
What information was involved?
The data that may have been seen and taken includes contact information (such as name, address, date of birth, phone number, and email) plus one or more of the following:
- Health insurance data (such as health plans/policies, insurance companies, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers)
- Health data (such as medical record numbers, doctors, diagnoses, medicines, test results, images, care, and treatment)
- Billing, insurance claims and payment data (such as claim numbers, account numbers, billing codes, payment cards, financial and banking, and balance)
- Other personal data (such as Social Security number, driver’s license or state ID number, or other ID number)
The data that may have been seen and taken was not the same for everyone. Some of the data may have been about the person who paid the bill for the health care services.
Why did this happen?
A cybercriminal accessed the CHC computer system without permission.
What is CHC doing?
CHC investigated the event and called law enforcement. They also made changes to their computer systems and implemented additional safeguards to ensure that this does not happen again. They are offering impacted members free credit monitoring and identity theft protection services and have offered to pay for the cost of these services for 2 years.
What you can do:
You can sign up for the above-referenced free credit monitoring and identity protection services. Make sure that your bills and accounts look correct. If you learn of a crime against you, you can file a report with law enforcement.
What if I have a question?
CHC has established a dedicated call center to offer additional resources and information to people who believe they may have been affected by this incident. If you have any questions or concerns, please call them toll-free at 1-866-262-5342, Monday through Friday, 8 a.m. to 8 p.m. CT. You can also go to www.changecybersupport.com and click the link to register online with IDX to enroll in free credit monitoring services. We are sorry for any concern this event may cause.