Healthcare management provider Humana recently revealed that hackers accessed information of individuals who had applied for a Humana health insurance policy via Bankers Life.
With millions of customers in the United States, the Louisville, Kentucky-based for-profit health insurance company ranked 56 on the Fortune 500 list.
In a breach notification filing with the California Attorney General’s Office (PDF), the company revealed that the hackers were able to compromise Bankers Life, one of its associates, but that the incident impacted a limited number of its own customers.
The company says it learned of the incident on October 25, when Bankers Life said bad actors accessed system credentials belonging to some of its employees. The hackers had access to said credentials between May 30 and September 13, 2018 and leveraged them maliciously.
“During this period, an unauthorized bad actor used employee system credentials to gain access to certain secure, Bankers Life websites, potentially resulting in unauthorized access to limited, personal information of individuals who had applied for a Humana health insurance policy through Bankers Life,” Humana says.
The healthcare management provider says the hackers might have accessed a great deal of information on its customers, including name, address, date of birth, last four digits of their Social Security number, and limited information about their Humana health insurance policy (such as the type and cost of the coverage, and application or policy number).
The company also says that the hackers did not have unauthorized access to other types of information on its customers, such as the full Social Security number, banking or credit card information, or information about health or medical care.
Bankers Life first learned of the incident on August 7, and immediately launched an investigation, including the hiring of external forensics investigators, the company says.
“We want you to know that at Humana we take seriously our responsibility to ensure the security of your information. We regret any concern this incident may have caused. You have privacy rights under a Federal law that protects your health information,” Humana told impacted customers.
Humana has yet to provide details on the number of impacted customers. The company’s website is down at the time of this writing.
Related: Data Breach Hits 2.6 Million Atrium Health Patients
Related: Hackers Breach HealthCare.gov System, Get Data on 75,000
More from Ionut Arghire
- Chrome 114 Released With 18 Security Fixes
- Spyware Found in Google Play Apps With Over 420 Million Downloads
- Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability
- PyPI Enforcing 2FA for All Project Maintainers to Boost Security
- Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack
- Many Vulnerabilities Found in PrinterLogic Enterprise Software
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
Latest News
- Chrome 114 Released With 18 Security Fixes
- Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards
- Breaking Enterprise Silos and Improving Protection
- Spyware Found in Google Play Apps With Over 420 Million Downloads
- Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability
- Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery
- PyPI Enforcing 2FA for All Project Maintainers to Boost Security
- Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack
