WellPoint Security Breach Puts Information At Risk
An application page could have put people at risk.
A security breach might have made put the personal, financial and medical information of 5,600 people in Connecticut at risk.
In October, the health insurance company WellPoint hired a computer company to upgrade an Internet-based application system and a flaw left open the possibility that people could see others’ applications, WellPoint told the Hartford Courant. That information included names, social security numbers, credit card information, health information and medical history.
The breach affected Anthem and WellPoint customers in 10 states, including Connecticut, including California, Colorado, Indiana, Kentucky, Missouri, Nevada, New Hampshire, Ohio and Wisconsin.
The company learned of the problem in March, when it was served a subpoena from a California court and the flaws were corrected, the company told the Courant.
The company recently learned about a small number of people manipulating the web address within the application web site and were able to see some private information, according to a statement from Anthem Blue Cross and Blue Shield.
“The vast majority of such manipulation and the resulting unauthorized access occurred at the hands of certain attorneys (representing an applicant),” the company said in a statement to NBC Connecticut. “We believe that this manipulation was conducted to support a class action against Anthem its parent company - over the very breach being committed.”
In all, the breach potentially affected 470,000 customers nationwide, the Hartford Courant reports.
“Out of abundance of caution, all appropriate applicants will receive a detailed notification from Anthem explaining what happened, and will be offered identity protection services for one year at no cost,” the company said in a statement.
