On February 20th, a dental HMO owned by CareFirst discovered that the personal information, including Social Security numbers, of 75,000 of its members had been posted on one of its publicly accessible web sites.

The CareFirst BlueCross BlueShield dental HMO did not notify the affected members until a March 10th letter. The Dental Network said that it had no evidence of anyone using the information but as a safety measure it is offering the affected members 12 months of free credit monitoring. CareFirst also distributed instructions to help members contact credit bureaus to place a fraud alert on their account.

The Baltimore Sun reports that a state law passed last year requires businesses to promptly notify anyone who is potentially affected by a theft or security breach.

The Dental Network released a statement apologizing for the error and has since introduced a dedicated website to help affected members.