Do you receive healthcare of any kind from Kaiser Permanente?
If so, be aware that they recently published a data breach notification indicating that an unidentified attacker accessed an email account that contained personal health information on April 5th, 2022.
Based on the investigation to this point, it appears that sensitive health information belonging to more than 69,000 individuals was exposed. For context, Kaiser Permanente provides a wide range of health care services to more than 12.5 million customers spanning eight states, plus the District of Columbia. While it's true that a breach of any size is a bad thing, this one only impacted on a tiny slice of the company's patient base.
Kaiser's breach notification reads in part as follows
"This notice describes a security incident that may have impacted the protected health information of some Kaiser Permanente patients who may have been affected by an unauthorized access incident on April 5, 2022.
The specifics of the unauthorized access were provided to individuals affected in a letter sent by Kaiser Permanente on June 3, 2022.
Sensitive info exposed in the attack includes:
- The patients' first and last names
- Medical record numbers
- Dates of service
- Laboratory test result information"
One small positive thing about this breach
If there's a silver lining to be found here, it lies in the fact that Kaiser's notification stressed that no Social Security or credit card numbers were exposed.
While this event will no doubt damage trust, the data that was stolen is not likely to be sufficient to allow the attackers to steal your identity. If you are one of the impacted customers, then you should have already received a notification from the company.
My perspective
We wish we could say that this will be the last data breach of the year but sadly, that's not going to be the case. Stay tuned for the next and guard your personal data closely!
Here's hoping for the first and not the second:
"The thrill of victory, and the agony of defeat"
By Denis Wilson
Thanks for reading this post. I always take into mind that your time and attention are precious. And these posts need to be timely, to the point, and short.
For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter.
I am also a published author and speaker on cloud computing, work-at-home, and cybersecurity. I work extensively with business and professional associations to provide free small business technology education programs.
Contact me if you would like me to speak to your association
