US health insurer Centene has lost the personal records of 950,000 of its members that were stored on hard drives, the company has revealed.
Details include customers' names, addresses and dates of birth, security numbers, membership details and health information, although Centene said no financial details have been compromised.
The company's CEO said it doesn't believe the data has fallen into the wrong hands or has been stolen, but it is simply struggling to find the whereabouts of the hard drives.
"While we don't believe this information has been used inappropriately, out of abundance of caution and in transparency, we are disclosing an ongoing search for the hard drives," said Centene's chief executive, Michael Neidorff. "The drives were a part of a data project using laboratory results to improve the health outcomes of our members."
The customers affected had been processed by Centene's laboratory between 2009 and 2015. Centene doesn't think much harm can be done if the information falls in the wrong hands, Alison Rea, a lawyer at Kemp Little, told the BBC that the lost data should be a big concern for the firm, because of the nature of the information.
"As Centene provides health insurance solutions for the under-insured and uninsured public in the USA, the release of details of who their members are and their medical information could be highly damaging," she said.
"Not only will it cause personal distress to the individuals involved if their friends and families find out about their medical history, but also because it could make it harder for those people to secure medical health insurance with other providers in the future."
It is likely that Centene will have to make a report to US regulatory authorities and will be fined for any data loss, Rea explained.
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessedNews The state is following up to ensure no information was transferred to bad actors
-
Pearson fined $1 million for downplaying severity of 2018 breachNews The SEC found the London-based firm made “misleading statements and omissions” about the intrusion
