“WellPoint Online Security Breach Put Personal Data At Risk” |
| WellPoint Online Security Breach Put Personal Data At Risk Posted: 29 Jun 2010 07:57 PM PDT An online security breach put at risk the personal, financial and medical information of 470,000 WellPoint customers nationwide, including 5,600 in Connecticut, customers are learning this week in letters from the company. The breach affects only those who used the company's web portal to apply for individual-market health insurance through WellPoint subsidiaries, mostly Anthem Blue Cross or Anthem Blue Cross and Blue Shield, in 10 states. It doesn't affect those who have group-based insurance through WellPoint or Anthem, such as plans offered through an employer, union or some other organization. In October, WellPoint hired a computer company to update security on its online application process, but the work left a flaw that allowed some to tinker with the system and see other people's applications, said WellPoint spokesman Cindy Sanders. "Sometime after the October upgrade, an applicant went in to view the status of her application," Sanders said. "She manipulated the URL address — the web address — and was able to determine that she could view other people's information. She, in turn, hired an attorney, who did the same thing." The company learned of the security flaw in March when it received a subpoena for a lawsuit seeking class-action status in a California court, Sanders said. The security flaws were fixed in March. An internal WellPoint investigation discovered that the information was accessed by fewer than 10 unidentified computers, owned by those other than the insurer's employees and affiliates. Those who hacked into the system could have seen applications, which include a person's name, Social Security number, credit-card information, health information and medical history. Besides Connecticut, the breach affected Anthem and WellPoint customers in California, Colorado, Indiana, Kentucky, Missouri, Nevada, New Hampshire, Ohio and Wisconsin. This is the latest of several information breaches involving medical data and personal information taken from an insurance company or hospital in recent years. Last year, a hard drive with seven years of personal and medical information of about 1.5 million Health Net customers, including 446,000 in Connecticut, was lost or stolen. In February, a radiologist who formerly worked at Griffin Hospital in Derby broke into a computer archive system over several weeks and accessed medical information of 957 patients. In some cases, the patients were contacted by the doctor, who was selling his professional services at a different hospital in the area. Five Filters featured article: Headshot - Propaganda, State Religion and the Attack On the Gaza Peace Flotilla. Available tools: PDF Newspaper, Full Text RSS, Term Extraction. |
| You are subscribed to email updates from Content Keyword RSS To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google Inc., 20 West Kinzie, Chicago IL USA 60610 | |
0 comments:
Post a Comment