Some Transit Members Affected by Cyber Attack on CareFirst

CareFirst has notified the Health & Welfare Fund office that participants in the Transit Employees' Health & Welfare Plan were affected by a recently discovered cyber attack on CareFirst. Please note that this is not the same cyber attack as you were alerted to in March.

Representatives of CareFirst have assured the Fund office that no social security numbers of H&W Plan participants were compromised in the attack.

Moreover, the Fund office understands that CareFirst will be notifying each of the affected individuals offering identity theft monitoring assistance. You should receive a letter from CareFirst explaining more about the attack and what you need to do. Here is a sample of that letter.

There are two steps that you need to take if you have an account set up on CareFirst's website.

  1. The next time that you try to log in to your account, you will be prompted to reset your user name and password. Do not be alarmed if this happens. CareFirst is asking you to reset your account to protect your security.
  2. CareFirst is providing you with two years of free credit monitoring and identity theft services. If you wish to take advantage of this program, you must actively enroll in it. Enrollment is not automatic. CareFirst's letter explains the steps you need to take.

Watch this space! We will let you know if we learn any additional, relevant information,

Read all news

Downloads Icon

Related Documents and Links

FAQs Icon


Who do I call if I want to change doctors?

To change doctors you should call your health care provider (e.g., CareFirst, Kaiser etc.) or visit them online.

View All FAQs