Hackers accessed sensitive information of Humana clients

Healthcare provider notices data exposure after a report from Bankers Life

Bankers Life informed Humana that hackers accessed some employees credentials which led to the data breach of numerous Humana's clients.

Humana,^[1] the well-known healthcare provider, is yet another organization that experienced a data breach lately. The organization has claimed that they noticed that something is wrong when Bankers Life informed them about manipulated credentials which belonged to some part of the company's employees. With their help, cybercrooks gained access to sites where Humana clients log in and search for healthcare services.^[2]

Furthermore, Humana claimed in their report that the breach might have touched even those people who have a Medicare Supplement policy from Colonial Penn Life Insurance Company:^[3]

Although not in the notification letter (embedded below), a notice on Bankers Life web site indicates that the breach may have also impacted individuals who have a Medicare Supplement policy issued by Colonial Penn Life Insurance Company.

It is also known that the attackers had access to Bankers Life employee credentials between the time period of May 30 and September 13 last year.

Leakage includes the last four digits of Social Security Numbers

Once the data breach was launched, hackers gained access to private information, that belonged to the Humana clients, such as:

• name, surname;
• birthdate;
• residence address;
• Humana health insurance policy number and cost;
• SSN's^[4] last four numbers.

However, the good news is that the hackers could not reach other sensitive information such as the full Social Security Numbers of Humana clients, credit or debit card information, banking details, important data about medical care services, and similar.

The company has claimed that it is taking this incident very seriously and is keen on taking care of client's further safety – it has offered all affected people credit monitoring services and identity repair for the time duration of one year:

To help mitigate any potential harm, Bankers Life is offering those potentially affected one year of identity repair and credit monitoring services through ID Experts.

Humana already suffered from the data breach at the beginning of 2018

Sadly, this is not the first data breach that Humana experienced lately. The worldwide organization reported about hacking attempts that took place on June 3 and 4, 2018.^[5] The data breach attack was brought against Humana.com and Go365.com websites by using IP addresses from overseas. After this hack, Humana also took actions such as forcing password changes, sending alerts of failed logins, etc.

However, data breaches are affecting companies worldwide. According to researches of 2018, the biggest data exposures had hit companies such as Marriott International which had around 500 million guests' sensitive data exposed, Exactis when 340 million details were breached, Under Armour when 150 million MyFitnessPal accounts were exposed, also Quora breach which led to data leakage of millions of users, and Facebook data breach that leaked details of 87 million people.^[6]

It is very important that all those beforementioned companies and all other organizations take care of their safety seriously. As we can see, hackers are finding more and more ways how to reach their target. If firms will not take this matter as they should, various healthcare, educational, booking, and other companies will be still experiencing similar attacks in the nearest future.