A recent data breach at Health Net resulted in missing health histories of close to 120,000 customers in Oregon. According to a spokesperson for state insurance, the information has been missing for over a month.
Who Caused The Problem?
Los Angeles-based Health Net is one of the largest health insurers in Oregon. On March 14, the company announced that data servers containing personal finance information for nearly two million former and existing customers went missing. According to officials, Social Security numbers may have been compromised.
According to Cheryl Martinis, a representative for the Oregon Insurance Division, 33,000 Medicare members and 87,000 commercial policyholders have been affected by the data breach. Martinis said, “We’ve been working with the company to make sure that Oregon’s policy holders are protected and that consumers are properly notified.”
Why Weren’t The Customers Alerted?
An advocacy group known as OSPIRG wants to know why the customers were not alerted to the breach sooner. A health care advocate for the group, Laura Etherton said, “It’s bad enough that this breach happened in the first place, but it’s outrageous that consumers are only finding out about it now.”
How Long Had They Known?
Martinis says the division learned about the possibility of a data breach as early as late February, but did not alert customers because the affected had not yet been identified by Health Net. She said, “The insurance company had to locate the backup tapes, hire forensic experts to determine whether they could access the data, and then produce a list of the some 1.9 million consumers nationwide who might be affected.” Martinis also said, “Health Net started mailing notices as soon as they identified the members and had a plan in place for credit monitoring.”