Kaiser Permante Data Breach Affecting 13.4 Million: IP Addresses and Search Terms Exposed

LOS ANGELES – In a recent data breach that potentially affected millions of accounts, Kaiser Permanente has notified its members following the incident reported to the Department of Health and Human Services (HHS) in mid-April. The HHS described it as an “unauthorized access/disclosure”. Around 13.4 million individuals are estimated by HHS as having been potentially affected by the Kaiser Foundation Health Plan breach. Despite stating that no misuse or unauthorised use of personal information has yet come to light, Kaiser Permanente is still alerting those impacted out of an abundance of caution – this includes both current and former customers. At the end of 2023, more than 12.5 million individuals were enrolled in its health plans, according to the company’s statement.
Kaiser Permanente determined that certain online technologies installed on their website and mobile applications may have transmitted personal information to third-party vendors Google, Microsoft Bing, and X (Twitter) when members or patients accessed these websites or apps – a situation which has since been rectified as the technology is no longer in use. Usernames, passwords, Social Security numbers, or payment details were not compromised according to Kaiser Permanente’s statement; however, tech vendors could have potentially obtained IP addresses and certain other information such as “search terms used in the health encyclopedia”.
Kaiser Permanente apologized for this incident and stated that measures are being taken to prevent it from recurring. Providing its Health plans throughout eight US states, D.C., operating over forty hospitals with several hundred medical offices additionally forming a significant portion of the sector’s services across California, Oregon, Washington, Hawaii, Nevada, Colorado & Maryland including National Capitol area as Kaiser Permanente explains further here .