Millions of Kaiser customers notified of possible risk following data breach at US health giant Kaiser.

Share it

The American healthcare giant Kaiser Foundation Health Plan has exposed sensitive data on millions of its current and former patients, apparently by mistake. Among the data inadvertently shared with advertisers are member names and IP addresses, as well as information regarding their membership status with Kaiser Permanente. Furthermore, the company leaked information on how members interacted with the website and the apps, and what they searched for in the health encyclopedia. A total of 13.4 million people are affected by this mishap, the company has confirmed, and it is preparing to send out data leak notifications to all of them.

Targeting healthcare

The company confirmed the news via a statement shared with TechCrunch, noting its website and mobile applications used “certain online technologies”(tracking codes) that may have transmitted personal information to third-party vendors, thought to include Google, Microsoft, and X. Kaiser filed a notice with the U.S. government and notified California’s attorney general of what had happened. Due to the sensitivity of the data they hold, healthcare organizations are a constant target for cybercriminals. Recent incidents such as the ransomware attack on Change Healthcare and data breaches at ESO Solutions, Zoll Medical, and Independent Living Systems highlight the ongoing threats faced by the healthcare industry.

In late 2023, after a supply chain attack on ESO Solutions, sensitive data from a number of healthcare organizations in the US was stolen, and in March of the same year, both Zoll Medical and Independent Living Systems reported data breaches. The Kaiser Foundation Health Plan, as the parent organization of Kaiser Permanente, claimed to have more than 12 million members last year.

More from us

American healthcare giant Kaiser Foundation Health Plan exposed sensitive data on millions of its current and former patients, apparently by mistake. Among the data inadvertently shared with advertisers are member names and IP addresses, and information regarding their membership status with Kaiser Permanente. Furthermore, the company leaked information on how members interacted with the website and the apps, and what they searched for in the health encyclopedia. A total of 13.4 million people are affected by this mishap, the company has confirmed, adding it is preparing to send out data leak notifications to all of them.