According to the US-based healthcare colossus, Kaiser Permanente, an extensive amount of customer information was likely shared with companies like Microsoft and Google, among others. A whopping 13.4 million existing and former members were notified of the situation, in which potentially personal information may have been unwittingly passed to these third-party vendors via Kaiser’s own web and mobile platforms.
The Kaiser corporation revealed that it was the implementation of third-party tracking and analytics tools that led to the unforeseen information leak. It’s only recently that they have understood the full scope of data delivered by this embedded tech to third-party entities whenever users were active on their digital interfaces.
Highlighting the severity of this leak, earlier in the month, Kaiser Permanente officially reported a security lapse to the US Department of Health and Human Services, as was reported by TechCrunch. This disclosure evidenced the scale of the impact, with a massive 13.4 million data leaks.
The data that potentially found its way into the hands of third parties, ranged from IP addresses, names, login status to Kaiser services, interaction history on Kaiser’s web and mobile platforms, and even search terms used in their online health dictionary. Kaiser, however, was keen to suggest that super-sensitive data—usernames, passwords, Social Security numbers, financial details, and credit card numbers—had not been accessed by the third parties.
Related: Meta is sued over data collection on hospital patients
Having detected and addressed the situation, Kaiser, assembled in Oakland, California, took steps to eliminate the problematic tech from its platforms and implemented additional measures to prevent any repetition of such privacy breaches.
