Humana disclosed a third-party data breach by Choice Health that impacted 22,767 patients. Humana is the third largest health insurance provider in the nation. Choice Health sells Medicare products on Humana’s behalf.
The company has confirmed that a Choice Health database was exposed to the internet due to a security misconfiguration caused by a third-party service provider. The attackers accessed the database and obtained certain files on May 7, including names, Social Security numbers, dates of birth, addresses, health insurance information, contact information, and Medicare beneficiary identification numbers.
Humana also experienced a 3rd party breach last year, when PracticeMax, a provider of billing and IT solutions for the company, suffered a ransomware attack and data of 4,244 patients was taken.