Los Angeles (KABC) — The health care provider said about 13.4 million current and former Kaiser Permanente members and patients were potentially affected by the privacy breach.
Kaiser says it is alerting former and current clients and the health organization is not aware of any misuse of member or patient information.
Data collected likely includes IP addresses, member names, and how members navigate on Kaiser's website or mobile applications due to code embedded in those sites.
A cyber expert told ABC7 this case is more of a privacy invasion than a data issue, with criminals breaking into a system to steal personal information and sell it.
“The privacy breach case, as it appears to be, is a case where Kaiser shared personal data with other organizations, in this case, likely Twitter/X, possibly Google, possibly Microsoft,” said Dr. Clifford Newman, director. USC Center for Computer Systems Security.
In a statement to Eyewitness News, Kaiser Permanente said in part:
“No usernames, passwords, Social Security numbers, financial account information, or credit card numbers were included in the transmission to these third parties. Kaiser Permanente conducted a voluntary internal investigation into the use of these online technologies and subsequently removed them from the websites.” And mobile applications.”
The organization apologized to its members, and told them that it had taken safeguards and other measures to help prevent this problem from recurring.
Copyright © 2024 KABC Television, LLC. All rights reserved.
“Infuriatingly humble alcohol fanatic. Unapologetic beer practitioner. Analyst.”