Kaiser Permanente, one of America's leading not-for-profit health plans and health care providers, has recently disclosed a data breach that exposed the health information of more than 69,000 individuals.
Founded in 1945, Kaiser Permanente provides health care services to over 12.5 million members from 8 U.S. states and Washington, D.C.
The company revealed in a notice published on its website that an attacker accessed an employee's email account containing patients' protected health information (PHI) on April 5, 2022, without authorization.
"This notice describes a security incident that may have impacted the protected health information of some Kaiser Permanente patients who may have been affected by an unauthorized access incident on April 5, 2022," the health care provider said.
"The specifics of the unauthorized access were provided to individuals affected in a letter sent by Kaiser Permanente on June 3, 2022."
Sensitive info exposed in the attack includes:
- The patients' first and last names
- Medical record numbers
- Dates of service
- Laboratory test result information
The organization says no Social Security numbers and credit card numbers were exposed during this breach.
The security incident only affected the Kaiser Foundation Health Plan of Washington patients.
