Millions of Kaiser Health Plan members have had their information compromised in a recent data breach, according to a legally required notice filed with the U.S. government. The notice, made public on April 12, stated that 13.4 million residents had unauthorized access/disclosure involving a network server.
Organizations in the U.S. that fall under the health privacy law HIPAA are mandated to report data breaches involving protected health information to the U.S. Department of Health and Human Services. Kaiser also informed California’s attorney general of the breach but did not offer any additional information about it. The Kaiser Foundation Health Plan, which is the parent organization of various entities within Kaiser Permanente, reported having 12.5 million members at the end of 2023.
The breach at Kaiser has been identified on the Department of Health and Human Services’ website as one of the largest health-related data breaches of 2024 to date, although it remains uncertain whether it is connected to other security incidents such as ransomware attacks on U.S.-based health tech companies like Change Healthcare earlier this year. UnitedHealth Group disclosed earlier this week that sensitive health information pertaining to a “substantial proportion” of people in America was stolen by criminal hackers during an attack on Change Healthcare in February, although an exact number was not provided for how many people were affected by this incident.
For more information about the data breach at Kaiser or any other security incidents related to healthcare technology, contact our reporter via Signal and WhatsApp at +1 646-755-8849 or by email for secure submission through SecureDrop[.]
/cloudfront-us-east-1.images.arcpublishing.com/pmn/JW5FJZ4GPNCGHCN7KMRKWQOLTI.jpg)
