Who: Kaiser Permanente, a major healthcare service provider in the U.S., disclosed a data security incident affecting approximately 13.4 million current and former members and patients.
What: The incident involved the leakage of personal information to third-party trackers installed on Kaiser Permanente's websites and mobile applications. Information such as IP addresses, user interactions with the website and apps, and search terms used in the health encyclopedia were potentially exposed.
Impact: While sensitive data like usernames, passwords, and financial information were not compromised, the leaked information could still be misused by marketers, advertisers, and data brokers. Kaiser Permanente has taken steps to remove the trackers and implement additional security measures. Although there have been no reported cases of misuse, the organization plans to notify individuals affected by the incident as a precautionary measure. This breach follows a previous incident in June 2022, where unauthorized access to an employee's email account exposed the health information of 69,000 people.
Read the full article HERE