Security glitch exposes WellPoint data again

Jun 29, 2010 By TOM MURPHY , AP Business Writer

(AP) -- WellPoint Inc. has notified 470,000 individual insurance customers that medical records, credit card numbers and other sensitive information may have been exposed in the latest security breach of the health insurer's records.

The Indianapolis company said the problem stemmed from an online program customers can use to track the progress of their application for coverage. It was fixed in March.

Spokeswoman Cynthia Sanders said an outside vendor had upgraded the insurer's application tracker last October and told the insurer all security measures were back in place.

But a California customer discovered that she could call up confidential information of other customers by manipulating Web addresses used in the program. Customers use a Web site and password to track their applications.

WellPoint learned about the problem when the customer filed a lawsuit about it against the company in March.

"Within 12 hours of knowing the problem existed, we fixed it," said Sanders, who declined to identify the outside vendor.

WellPoint is the largest commercial health insurer based on membership, with nearly 34 million members. It runs Blue Cross Blue Shield plans in 14 states and Unicare plans in several others.

Sanders said the insurer notified customers in most of its states. That includes about 230,000 customers of its Anthem Blue Cross subsidiary in California.

About 356 million records of U.S. residents have been compromised or exposed due to security breaches since 2005, according to Privacy Rights Clearinghouse, a consumer advocacy group that tracks such reports.

WellPoint's security breach doesn't crack the top 10 in terms of number of people who may have had information exposed, said Paul Stephens, the organization's director of policy and advocacy. Even so, he labeled the breach "very serious" because it possibly involved both financial and medical information.

"There are obviously multiple concerns there for consumers," he said.

Two years ago, WellPoint offered free credit monitoring after it said personal information for about 128,000 customers in several states had been exposed online. In 2006, backup computer tapes containing the personal information of 200,000 of its members were stolen from a Massachusetts vendor's office.

WellPoint's latest breach affected only individual insurance customers and not group coverage or people who buy Medicare Advantage insurance. Sanders said the company believes a "vast majority" of the unauthorized access of customer information came from the plaintiff and her attorneys.

The insurer notified all individual insurance customers who had information in its application tracking program from October through March. It will provide a year of free credit monitoring.

WellPoint shares fell 69 cents to $50.10 in Tuesday afternoon trading, while broader trading indexes slid more than 2 percent.

Explore further: Privacy groups take 2nd hit on license plate data

4 /5 (1 vote)
add to favorites email to friend print save as pdf

Related Stories

Insurers agree to limit health care cancelations

Apr 29, 2010

(AP) -- Several health insurers said Wednesday they plan an early start on a slice of health care reform by pledging to limit the circumstances in which they cancel coverage when a customer gets sick.

Individual insurance rates soar in 4 states

Feb 13, 2010

(AP) -- Consumers in at least four states who buy their own health insurance are getting hit with premium increases of 15 percent or more - and people in other states could see the same thing.

IQ testing for obese people is challenged

Jan 23, 2007

A U.S. group is challenging an insurance company's requirement that morbidly obese people be given an IQ test before undergoing weight loss surgery.

Recommended for you

Privacy groups take 2nd hit on license plate data

Sep 19, 2014

A California judge's ruling against a tech entrepreneur seeking access to records kept secret in government databases detailing the comings and goings of millions of cars in the San Diego area via license plate scans was ...

Scots' inventions are fuel for independence debate

Sep 17, 2014

What has Scotland ever done for us? Plenty, it turns out. The land that gave the world haggis and tartan has produced so much more, from golf and television to Dolly the Sheep and "Grand Theft Auto."

White House backs use of body cameras by police

Sep 16, 2014

Requiring police officers to wear body cameras is one potential solution for bridging deep mistrust between law enforcement and the public, the White House said, weighing in on a national debate sparked by the shooting of ...

Chinese city creates cellphone sidewalk lane

Sep 15, 2014

Taking a cue from an American TV program, the Chinese city of Chongqing has created a smartphone sidewalk lane, offering a path for those too engrossed in messaging and tweeting to watch where they're going.

Coroner: Bitcoin exchange CEO committed suicide

Sep 15, 2014

A Singapore Coroner's Court has found that the American CEO of a virtual currency exchange committed suicide earlier this year in Singapore because of work and personal issues.

User comments : 0