Kaiser Permanente announces data breach affecting 13.4 million

A Kaiser Permanente building in Lancaster, California. (Ted Eytan/Flickr)


Kaiser Permanente has announced a data breach affecting 13.4 million current and former members who accessed the company’s website and mobile applications.

The data breach was linked to online technologies installed on websites and mobile apps that may have transmitted personal information including IP addresses, search terms used in the health encyclopedia, and information showing how someone interacted with the website to third-party vendors including Google, Microsoft Bing and X (Twitter).

The data breach did not include usernames, passwords, Social Security numbers, financial account information, or credit card numbers, according to a statement from Kaiser Permanente.

The company announced it had conducted an internal investigation and removed the online technologies linked to the data breach.

“Kaiser Permanente is not aware of any misuse of any member’s or patient’s personal information,” according to the statement. “Nevertheless, out of an abundance of caution, we are informing approximately 13.4 million current and former members and patients who accessed our websites and mobile applications. We apologize that this incident occurred.”