While it's not clear what happened, it looks as though clinical and personal data on 130,000-odd WellPoint beneficiaries may have been accessed through the web. WellPoint has announced that during the past year, two servers operated by a vendor weren't properly secured, leaving pharmacy records, Social Security numbers, claims information and more exposed to the public. To date, WellPoint has not become aware of any identity thefts resulting from access to that data (though patients potentially could have suffered identity theft and failed to connect it to the breach). In response, WellPoint is offering potentially affected beneficiaries one year of free credit-monitoring services. It's also tightened up its security measure with help from an outside consultant.
To learn more about the breach:
- read this Chicago Tribune piece [1]
Related Articles:
Johns Hopkins investigates data breach [2]
Massive data loss at HCA [3]
VA pledges better data security [4]
Allina suffers patient data theft [5]
Links:
[1] http://www.chicagotribune.com/business/chi-wellpoint-data-breach-apr15,0,1068483.story
[2] http://www.fiercehealthit.com/story/johns-hopkins-investigates-data-breach/2007-09-10
[3] http://www.fiercehealthit.com/story/massive-data-loss-at-hca/2006-08-21
[4] http://www.fiercehealthcare.com/story/va-pledges-better-data-security/2006-06-28
[5] http://www.fiercehealthit.com/story/allina-suffers-patient-data-theft/2006-10-23