日本語
한국어
Tiếng Việt
简体中文
Blue Shield of California has announced a significant data breach affecting 4.7 million members. Sensitive health information was inadvertently shared with Google’s analytics and advertising platforms.
The breach, stemming from a misconfiguration of Google Analytics on Blue Shield’s websites, occurred between April 2021 and January 2024. The issue potentially allowed Google to access and utilize member data for targeted advertising campaigns.
According to Blue Shield’s notification and a subsequent update on the United States Department of Health and Human Services breach portal, the exposed data includes:
- Insurance plan name
- Type and group number
- City and zip code
- Gender
- Family size
- Blue Shield assigned identifiers for members’ online accounts
- Medical claim service date, service provider, patient name, and patient financial responsibility
- “Find a Doctor” search criteria and results (location, plan name and type, provider name and type)
While sensitive data like Social Security numbers and financial details were not compromised, the incident raises concerns about privacy and data security. Blue Shield encourages members to remain vigilant and monitor their account statements and credit reports for any suspicious activity.
The company has not yet announced whether it will offer identity theft protection services or send individual notifications to affected members.
This incident follows a previous data breach last year, where nearly one million members’ data was stolen by the BlackSuit ransomware group after an attack on Connexure, Blue Shield’s software solutions provider.
Related Articles:
- US lab testing provider exposed health data of 1.6 million people
- SK Telecom warns customer USIM data exposed in malware attack
- Entertainment services giant Legends International discloses data breach
- Ahold Delhaize confirms data theft after INC ransomware claims attack
- Landmark Admin data breach impact now reaches 1.6 million people
Tags: BLUE SHIELD OF CALIFORNIA, CALIFORNIA DATA BREACH, GOOGLE ANALYTICS, HEALTHCARE
Bill Toulas is a tech writer and infosec news reporter with over a decade of experience covering open-source, Linux, malware, data breach incidents, and hacks.