The health insurer began notifying affected members Dec. 10 about the incident. UnitedHealthcare discovered that an unauthorized third party had gained access to members’ health information through a care provider’s portal between July 30 and Nov. 13, 2019. According to HHS’ Office for Civil Rights’ website, 934 members may have been affected.
Member data that may have been exposed included names, health plan information and private medical claims information. No Social Security numbers or financial information was affected.
UnitedHealthcare is working with law enforcement to investigate the incident. Since the data breach, the insurer has taken steps to prevent a similar incident from happening.
Editor’s note: This story was updated Feb. 4.
More articles on cybersecurity:
Health systems should update computer systems in wake of Iran tensions, H-ISAC says
3 cybersecurity predictions for 2020
Former NYC hospital employee pleads guilty to hacking coworkers’ emails
