Over 122,000 members of Providence Health Plan may have been exposed in a security breach that dates back more than nine years. Dominion National, a Virginia-based insurer and administrator of dental and vision benefits working with Providence, brought it to their attention back in April of this year.

The security breach to Dominion National’s computer servers included sensitive information of current and former members of Providence’s dental program, which may include names, addresses, dates of birth, Social Security numbers, and ID numbers. Thankfully, as of now, there are no indications that any of this information was viewed, accessed, or misused, and Dominion National is alerting the potentially affected members.

This month, a letter was sent to Providence’s customers alerting them that an unauthorized party may have accessed their personal information. And while the data breach did not occur on Providence servers, it could potentially affect almost 3 million individuals nationwide. Dominion National has offered customers possibly affected by this data breach two years of credit monitoring and fraud protection services.

Data breaches of third-party members is on the rise, especially in the healthcare sector. In just the past two years, 56% of hospitals have reported at least one data breach in relation to vendor-related information at an average cost of $2.9 million to clean up. One of the largest data breaches to occur was at the American Medical Collection Agency (AMCA). This breach affected more than 22 million patients and exposed their sensitive data.

Cyber security experts are encouraging healthcare organizations to better manage third-party security services to help better protect their customers and prevent more breaches in the future. They are also recommending customers to monitor their statements and explanation of benefits to make sure their personal information is secure.