Major health insurer WellPoint Inc. has warned 470,000 people who applied for its health insurance that a website security glitch may have exposed their Social Security numbers, medical records, and other sensitive data to the public.  The WellPoint data breach affects consumers in 14 U.S. states including Connecticut, California, Colorado, Indiana, Ohio, Nevada, and Wisconsin.

The top U.S. health insurer by membership learned of the problem in March 2010 when an insurance applicant sued the company, saying she was able to obtain information in other people’s applications for health insurance by manipulating URLs to a site that tracks membership applications.

Connecticut Attorney General Richard Blumenthal said he is investigating this “massive security breach” at WellPoint Inc. that may have compromised financial and health information on almost 500,000 consumers.  Blumenthal wrote to the Indianapolis-based company, the largest U.S. health insurer, asking for information on how the breach occurred, what’s being done to protect those affected and how to prevent future incidents, he said today in a statement.

“This information breach is only the latest in a disturbing series of cases where nonpublic personal information has been subjected to unauthorized access,” Blumenthal said in his statement.  “WellPoint should provide affected consumers with two years of credit monitoring services and at least $25,000 of identity- theft protection,” Blumenthal said.

WellPoint notified 470,000 consumers in June 2010 about the breach, which affected people who applied for individual insurance.  Exposed data could have revealed medical history and credit card information, said a WellPoint Inc. spokeswoman.

Related News:

Tags: , , , , ,