Humana alerts 5,600 members after hackers posed as physician group and possibly exposed patient data

Listen

Humana has notified 5,569 members of a security incident that may have exposed members' personal information.

On Nov. 8, Humana discovered that unauthorized third parties had posed as physician groups to register on Availity, one of the insurer's authorized service providers, web portal. The hackers then requested eligibility and benefit verification of health plan members through personal information they already had.

An internal review found the hackers had access to the portal between Jan. 15, 2016, to Feb. 21, 2018, and from May 24, 2018, to Nov. 8, 2018. Humana alerted patients on March 5 and April 4.

Humana said that no member data has been misused. Information that may have been exposed in the data breach included names, member identification number, plan effective data, benefit information and Care Reminders, which alerts physicians if screenings or lab tests need to be completed.

No Social Security numbers or banking information was exposed.

Humana is offering affected members identify theft protection for one year. Additionally, Availity has taken steps to secure its web portal, such as additional access requirements and enhanced monitoring.

© Copyright ASC COMMUNICATIONS 2021. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Whitepapers

Featured Webinars