Kaiser Permanente says third-party trackers passed on 13.4m patients' data to Big Tech companies

News29 Apr 2024

U.S. healthcare service provider Kaiser Permanente said it experienced a data security incident that compromised the sensitive personal information of almost 13.4 million individuals.

Founded in 1945, Kaiser Permanente caters to more than 12 million members through 39 hospitals in eight states in the U.S. Its network is composed of more than 700 medical offices with over 300,000 personnel, including more than 80,000 physicians and nurses.

In a statement shared with the media, Kaiser said it recently discovered through an internal investigation that the sensitive personal information of its users was “leaked to third-party trackers installed on its websites and mobile applications.”

“Kaiser Permanente has determined that certain online technologies, previously installed on its websites and mobile applications, may have transmitted personal information to third-party vendors Google, Microsoft Bing, and X (Twitter) when members and patients accessed its websites or mobile applications,” the company said.

A Kaiser official said that the compromised data included member names, IP addresses, information that could indicate if members were signed into a Kaiser Permanente account, details showing how a member or patient navigated through the website and mobile applications, and search terms used in the health encyclopedia.

The company has, however, confirmed that usernames, passwords, Social Security Numbers, financial account information, or credit card numbers were not a part of the compromised data.

Diana Yee, a company spokesperson, added that the organisation will start notifying almost 13.4 million current and former members and patients who accessed its websites and mobile apps and had their data compromised.

Kaiser Permanente assured its members and patients that soon after the incident was identified, the company removed the trackers and took preventive measures to avoid such incidents in the future.

Please take 30 seconds to register

Register Now

Already have an account? Sign in

Kaiser Permanente says third-party trackers passed on 13.4m patients' data to Big Tech companies

Please take 30 seconds to register

Deblina Jay

More from this author

Over 23,000 patients affected in Clarinda Regional Health Center data breach

Tulane University victimised in Oracle E-Business Suite hack

Mississippi healthcare provider reports data breach impacting over 50,000 people

Related Articles

ShinyHunters publishes 234 GB of stolen DentaQuest data after ransom talks collapse

UN Food Program reports cyberattack on Gaza enrollment system, data from 600,000 households stolen

Ultrahuman smart ring maker reports data breach affecting customer wellness information

Weil Gotshal reportedly pays up to $20 million after cyber extortion group steals client data

Most Viewed

New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY

Don’t allow AI experiments to become quiet business risksSponsored by alice.io

The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty

Ransomware attack on Extant Aerospace exposed sensitive personal data

AI-related data breaches surging, Verizon report says

The Expert View: Transforming security through risk intelligenceSponsored by Obrela

How generative, agentic and predictive systems are reshaping cyber-risk

OpenAI gives European companies access to its latest models to bolster resilience

Anthropic to brief global financial watchdog on cyber flaws exposed by Mythos, FT reports

Japan's bank regulator sets up forum to counter Mythos-powered cyber threats

Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF

23-29 Hendon Lane, London, N3 1RT

020 8349 4363

info@teiss.co.uk