A health insurer Aetna located in Harford, CT found that the PHI of 5000 members was exposed via online means and the information was also accessible via the search engines. Aetna conducted an investigation on 27 April, 2017 for the security problem that affected 2 computer services. Those computer services were responsible to expose the documents showing Information of authorized people and other member plans. During the investigation Aetna found, that these documents were also submitted to search engines and unauthorized people can easily access those.
On 10th May, the investigation report highlighted the fact that the data has been exposed. As the investigation process was started in April, Aetna found the data breach on 1st Feb stated by San Antonio Express-News. It is not yet clear that why investigation process took too long time to clear the evidences. According to Aetna, SS numbers, the debit and credit card information and the financial information was safe. The information exposed in the documents contained the names, the member’s numbers, ID numbers, amount of claim and the provider information. While some people got exposed their service dates, the service codes and the procedure codes.
Many people were affected due to this breach and among then 522 were the Texas residents while 1708 belonged to Ohio. According to the report, 5002 was the total amount of individuals that were affected by the breach. Aetna has not revealed yet either the exposed information has been misused or not? But they have already taken some steps to remove the information from the search engines and disable the access of unauthorized members. All the affected plan sponsors and the individuals have been informed of the breach issue by email.