Humana alerts 5,600 members after hackers posed as physician group and possibly exposed patient data

Humana has notified 5,569 members of a security incident that may have exposed members' personal information.

On Nov. 8, Humana discovered that unauthorized third parties had posed as physician groups to register on Availity, one of the insurer's authorized service providers, web portal. The hackers then requested eligibility and benefit verification of health plan members through personal information they already had.

An internal review found the hackers had access to the portal between Jan. 15, 2016, to Feb. 21, 2018, and from May 24, 2018, to Nov. 8, 2018. Humana alerted patients on March 5 and April 4.

Humana said that no member data has been misused. Information that may have been exposed in the data breach included names, member identification number, plan effective data, benefit information and Care Reminders, which alerts physicians if screenings or lab tests need to be completed.

No Social Security numbers or banking information was exposed.

Humana is offering affected members identify theft protection for one year. Additionally, Availity has taken steps to secure its web portal, such as additional access requirements and enhanced monitoring.

Copyright © 2022 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars