Kaiser Permanente experienced a data breach that exposed the data of 13.4 million current and former insurance members. The breach was not caused by a hacking event but rather by the oversharing of patient data with third-party advertisers like Google and Microsoft due to improperly implemented tracking code on the company's websites and mobile applications
The shared information included names, IP addresses, browsing history, login status, and search terms used. While Kaiser has removed the tracking code, concerns remain about the privacy and security implications, as this incident highlights the prevalent issue of third-party trackers obtaining and using sensitive customer data for targeted advertising. Narayana Pappu, CEO at Zendata, emphasized the lack of monitoring and auditing processes in place to prevent such data leaks, underscoring the importance of safeguarding personal information in the health tech and government sectors. https://www.darkreading.com/cyberattacks-data-breaches/13-4m-kaiser-insurance-members-affected-by-data-leak-to-online-advertisers