An Aetna affiliate on Thursday alerted the federal authorities information breach compromised lots of of hundreds of members’ well being information.
The information breach stemmed from a hacking incident at EyeMed, an organization that Aetna contracts with to offer providers for members of in its imaginative and prescient profit plans, a spokesperson from CVS Well being, which owns Aetna, mentioned in an emailed assertion.
In July, a hacker accessed an EyeMed e-mail account and despatched phishing emails to contacts within the account’s deal with ebook, in accordance with a discover EyeMed posted on its web site.
It is unclear whether or not the hacker seen or exfiltrated members’ well being information. The e-mail account contained names, dates of start, imaginative and prescient insurance coverage identification numbers, medical insurance identification numbers, and a few Social Safety numbers, start certificates, medical diagnoses, and monetary info of present and former members who obtain imaginative and prescient advantages via EyeMed, together with Aetna prospects.
Greater than 484,000 Aetna members had information compromised within the incident, in accordance with a report submitted to HHS’ Workplace for Civil Rights on Thursday.
“Aetna locations the best precedence on defending the privateness of its prospects and takes important measures to guard non-public info from unauthorized makes use of and disclosures,” the CVS Well being spokesperson mentioned. “We proceed to remain in shut contact with EyeMed to assist guarantee it takes the suitable steps to guard prospects’ info.”
EyeMed and Aetna, which was knowledgeable of the incident in September, have discovered no proof suggesting the uncovered info has been misused, he mentioned.
EyeMed didn’t reply to a request for touch upon the incident. The corporate has not revealed how many individuals had been affected within the information breach total.
“EyeMed regrets any inconvenience this incident might trigger people,” reads the discover posted on EyeMed’s web site. “To assist stop one thing like this from occurring once more, we now have taken immediate motion to reinforce the protections that had been already in place earlier than the incident,” together with extra community safety measures and safety consciousness coaching.