Choice Health, the company used to help Humana sell its products, experienced a data breach that resulted in the protected health information of 22,767 patients being compromised.
On May 14, Choice Health learned that an unauthorized party was offering data that was allegedly stolen from its network. Upon learning of this information, Choice Health launched an investigation.
On May 18, the investigation found that a technical security configuration issue caused by a third-party service provider allowed individuals to access one of Choice Health's databases through the internet.
The company's investigation determined that the period of unauthorized access began on or around May 7.
The affected patient files include information such as first and last names, Social Security numbers, Medicare beneficiary identification numbers, dates of birth, addresseses, contact information and health insurance information.
On June 8, Choice Health sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
However, Choice Health learned that additional parties were affected by the breach, including Humana customers.
On Aug. 5, the company notified Humana that some of the company's customers were among those whose information was leaked.
On Aug. 29, Choice Health provided Humana with a list of affected individuals.
The database is no longer accessible by the internet.