America’s leading not-for-profit health care provider, Kaiser Permanente has disclosed a massive data breach exposing the health information of more than 69,000 individuals.
Kaiser Permanente has provided health care services to 12.5 million members from 8 U.S. states including Washington D.C.
It has been stated from the company’s notice that an attacker without authorization accessed the classified patient’s information via an email account of an employee. The health care provider said, “This notice describes a security incident that may have impacted the protected health information of some Kaiser Permanente patients who may have been affected by an unauthorized access incident on April 5, 2022.”
The sensitive information that was revealed has the patient’s first and last names, medical records, dates of service, and laboratory test result information. The organization claimed that no detail of credit card and social security numbers was revealed.
Kaiser Permanents claimed that they have terminated the attacker’s access to the email within an hour. They said, “After discovering the event, we quickly took steps to terminate the unauthorized party’s access to the employee’s emails.” The no-for-profit organization has further stated that they have reset all employee passwords and email accounts. The incident occurred only in the section of Washington D.C and they have initiated a thorough investigation of the incident.
