ADVERTISEMENT

Thousands of Humana customers have their medical data leaked online by threat actors

humana leak security breach
Cybernews Team
Jul 20, 2021 Updated: 7 December 2023 3 min read
Humana data base leak
"Humana on July 16 became aware of a possible data breach of an unaffiliated third-party application targeted at Medicare Advantage members and agents. The application is not owned or operated by Humana. Our Cyber Security Operations continues to monitor the situation. Humana has policies and procedures in place to maintain the security of its members’ information, and we take this responsibility very seriously."
Humana

What was leaked?

  • Full names
  • Patient IDs
  • Email addresses
  • Street addresses with ZIP codes
  • Password hashes
  • Privacy policy confirmation statuses
  • Medicare Advantage plan data
  • Medical treatment data
  • Links to photos and videos, some of which may include patient X-rays, CT scans, insurance document scans
Humana data leak 1
Humana data leak 2
ADVERTISEMENT

Who had access to the data?

What’s the impact?

  • Target patients with spear-phishing and/or spam campaigns
  • File fraudulent insurance claims
  • Use the victims’ health insurance
  • Exploit or extort patients based on their health information
  • Collect, collate, and share this medical data with other malicious actors
  • Commit identity theft

Next steps

  • Check if your data has been leaked in other breaches by using a service like CyberNews’ personal data leak checker, which currently has more than 15 billion records
  • Set up identity theft monitoring with your financial institution of choice
  • Review recent activities on your online accounts and watch out for suspicious emails, messages, and requests

More from CyberNews:

ADVERTISEMENT