The Information Highway

The Information Highway

Font size: +
2 minutes reading time (345 words)

Kaiser Permanente: Data breach may impact 13.4 million patients

Healthcare service provider Kaiser Permanente disclosed a data security incident that may impact 13.4 million people in the United States.

Kaiser Permanente is an integrated managed care consortium and one of the largest nonprofit health plans in the U.S.

It operates 40 hospitals and 618 medical facilities in California, Colorado, the District of Columbia, Georgia, Hawaii, Maryland, Oregon, Virginia, and Washington. 

In a statement, the organization said that information from "approximately 13.4 million current and former members and patients" was leaked to third-party trackers installed on its websites and mobile applications.

"Kaiser Permanente has determined that certain online technologies, previously installed on its websites and mobile applications, may have transmitted personal information to third-party vendors Google, Microsoft Bing, and X (Twitter) when members and patients accessed its websites or mobile applications"

by Kaiser Permanente

The spokesperson clarified that the data may include IP addresses, names, information that could indicate a member or patient was signed into a Kaiser Permanente account or service, details showing how a member or patient interacted with and navigated through the website and mobile applications, and search terms used in the health encyclopedia.

Typically, information collected by online trackers is shared with an extensive network of marketers, advertisers, and data brokers.

The statement highlights that the data exposed this way does not include usernames, passwords, Social Security Numbers (SSNs), financial account information, or credit card numbers.

Kaiser Permanente says the trackers were discovered and removed following a voluntary internal investigation, while additional measures to prevent the recurrence of similar incidents have been implemented now.

Although the organization is not aware of cases of misuse of the exposed information, it will notify individuals who accessed its sites and used its mobile apps out of an abundance of caution.

In June 2022, Kaiser Permanente disclosed a data breach that exposed the health information of 69,000 people caused by unauthorized access to an employee's email account by an external actor.

The data exposed at the time included full names, medical records, dates of service, and lab test results information.

Okta warns of "unprecedented" credential stuffing ...
FBI warns against using unlicensed crypto transfer...

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Tuesday, 05 November 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023