Kaiser Permanente data breach overview:
- Who: Health care provider Kaiser Permanente announced it has been hit with a data breach.
- Why: Kaiser says an attacker accessed an employee’s email account containing patients’ protected health information.
- Where: The breach affects Kaiser Foundation Health Plan of Washington patients.
Health care provider Kaiser Permanente announced it has been hit with a data breach that exposed the health information of more than 69,000 patients.
In a June 3 notice to patients, the nonprofit says an attacker accessed an employee’s email account containing patients’ protected health information on April 5, 2022, without authorization.
The information exposed included first and last names, medical record numbers, dates of service and laboratory test result information.
“Sensitive information such as Social Security numbers and credit card numbers were not included in the information,” the notice says.
The security incident only affected the Kaiser Foundation Health Plan of Washington patients, Kaiser Permanente says.
The organization is not currently facing legal action over the breach, but Top Class Actions follows data breaches closely as they sometimes end in class action lawsuits.
Kaiser says it has taken action to protect patient info following data breach
Kaiser says it reacted by terminating the attacker’s access to the email account within hours and that it has begun investigating the incident to assess its impact.
“After discovering the event, we quickly took steps to terminate the unauthorized party’s access to the employee’s emails,” Kaiser Permanente says in the patient notice. “This included resetting the employee’s password for the email account where unauthorized activity was detected.”
The employee involved also received additional training on safe email practices, and the organization says it is exploring other steps it can take to ensure incidents like this do not happen in the future.
The health care provider says it did not find evidence that the information stored in the hacked email account was stolen or misused after the incident but couldn’t completely rule out this possibility.
While Kaiser Permanente did not reveal the exact number of affected patients in the breach notice, information filed with the U.S. Department of Health and Human Services Office for Civil Rights revealed that the incident led to 69,589 individuals having their information exposed, Bleeping Computer reports.
Kaiser Permanente provides health care services to over 12.5 million members from eight U.S. states and Washington, D.C.
This is just the latest lawsuit to be filed in the wake of a medical data breach. Last year, patients filed a class action lawsuit against Pittsburgh-area hospital UPMC and Charles Hilton & Associates, the law firm that handles its collections, in the wake of a massive data breach.
If your information was compromised as a result of a hospital data breach, you may qualify for a health care data breach class action lawsuit claim review.
Read About More Class Action Lawsuits & Class Action Settlements:
Please note: Top Class Actions is not a settlement
administrator or law firm. Top Class Actions is a legal news source
that reports on class action lawsuits, class action settlements,
drug injury lawsuits and product liability lawsuits. Top Class
Actions does not process claims and we cannot advise you on the
status of any class action settlement claim. You must contact the
settlement administrator or your attorney for any updates regarding
your claim status, claim form or questions about when payments are
expected to be mailed out.