Aetna ACE revealed to federal regulators a health data breach impacting about 326,000 people that was caused by a ransomware event involving OneTouchPoint, a subcontractor that offers printing and mailing services to one of the insurer’s contractors.
OneTouchPoint, located in Wisconsin, revealed to Maine’s attorney general last week that a hacking issue uncovered in April affected roughly 1.1 million people. In a statement posted on its website, OneTouchPoint also identifies more than 30 health plan clients who were affected by the event. That list does not include Aetna ACE.
Despite this, Aetna ACE reported the OneTouchPoint issue to the Department of Health and Human Services on July 27 as a HIPAA breach impacting almost 326,300 people. Aetna states the exposed information may have included names, residences, dates of birth, and limited medical information, according to a statement given to Information Security Media Group on Tuesday.
According to Aetna, the incident did not include any of Aetna’s or parent company CVS Health’s systems. Some experts believe that breaches involving health insurers pose significant privacy and security risks to their members’ protected health information.
“Insurance companies typically hold large volumes of individually i
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: