WellPoint Warns 470,000 Insurance Applicants About Website Security Breach

Reuters: "WellPoint Inc. has warned some 470,000 people who applied for its health insurance that a website security glitch may have exposed their Social Security numbers and other sensitive data to the public." WellPoint quickly fixed the problem after being notified by a consumer who noticed it. The glitch "was introduced in October by a contractor who upgraded the site," according to a company spokesman. According to WellPoint officials, the "security glitch was exploited to access information on 940 insurance applications" and "unauthorized viewers accessed spreadsheets that 'in rare cases' contained Social Security numbers" (Finkle, 6/29).

The Tech Herald: "WellPoint, the nation's largest health insurer based on a customer base of more than 30 million, said that a system used by Anthem (Blue Cross Blue Shield) customers to track the status of their individual insurance applications was vulnerable due to a failed security update. … WellPoint said that 'out of abundance of caution,' applicants impacted by the security problem and access by the attorneys will receive a 'detailed notification from Anthem Blue Cross explaining what happened, and will be offered identity protection services for one year at no cost'" (Ragan, 6/29).

The Hartford Courant: "Besides Connecticut, the breach affected Anthem and WellPoint customers in California, Colorado, Indiana, Kentucky, Missouri, Nevada, New Hampshire, Ohio and Wisconsin. This is the latest of several information breaches involving medical data and personal information taken from an insurance company or hospital in recent years. Last year, a hard drive with seven years of personal and medical information of about 1.5 million Health Net customers, including 446,000 in Connecticut, was lost or stolen" (Sturdevant, 6/30).

This is part of Kaiser Health News' Daily Report - a summary of health policy coverage from major news organizations. The full summary of the day's news can be found here and you can sign up for e-mail subscriptions to the Daily Report here. In addition, our staff of reporters and correspondents file original stories each day, which you can find on our home page.