Excerpt from Techcrunch Article, Published on Apr 26, 2024
Healthcare giant Kaiser is under fire for a data breach that exposed the personal information of millions of current and former members. The breach occurred when Kaiser inadvertently shared patients’ data with third-party advertisers, including tech giants like Google, Microsoft, and X.
Following an investigation, Kaiser confirmed that certain online technologies embedded in its websites and mobile applications had transmitted personal information to these vendors. The shared data includes member names, IP addresses, and details indicating whether members were logged into Kaiser accounts, along with their website and app interactions.
Kaiser has since removed the tracking code from its platforms, but the damage has been done. This breach follows a trend in the healthcare industry, with other organizations like Cerebral, Monument, and Tempest also facing scrutiny for similar data-sharing practices.
Kaiser plans to notify the 13.4 million affected individuals starting in May, spanning all markets where Kaiser Permanente operates. The organization has fulfilled legal requirements by notifying the U.S. Department of Health and Human Services and California’s attorney general about the breach.
The breach is a significant blow to Kaiser, one of the largest healthcare organizations in the U.S., with over 12.5 million members. It marks the largest health-related data breach of 2024 so far, according to records from the Department of Health and Human Services.
The incident underscores the pressing need for stricter data privacy regulations in the healthcare sector, as breaches of this magnitude can have far-reaching consequences for patient trust and security.
To delve deeper into this topic, please read the full article on Techcrunch.
