DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Humana notifies members of business associate breach at Bankers Life

Posted on January 4, 2019 by Dissent

Humana‘s name has been popping up too much in my breach news searches recently. I noted two incidents in December involving Humana (one theft report and one hack involving Family Physicians Group (now Humana). Now I’ve spotted a third incident report, although this one is a breach involving a business associate.

Bankers Life logo

According to a notification letter that appears to be from this week, the Kentucky-based health insurance provider was notified on October 25 by Bankers Life that that a bad actor had accessed system credentials of some Bankers Life employees and used them to access Bankers Life websites where people could apply online for Humana health insurance.

Although not in the notification letter (embedded below), a notice on Bankers Life web site indicates that the breach may have also impacted individuals who have a Medicare Supplement policy issued by Colonial Penn Life Insurance Company.

The unauthorized access occurred between May 30 and September, 13, 2018. Bankers Life had become aware of unusual activity on August 7, 2018, and had initiated an investigation to determine the source. They also notified law enforcement, retained an external forensics investigator to assist them, and began to place additional restrictions on access to their systems with additional monitoring also deployed.

The investigation determined that the compromise of the web sites potentially exposed applicants’ name, address, date of birth, last four digits of Social Security number, and some information about the health insurance policy (such as the type and cost of the coverage, and application or policy number).

To help mitigate any potential harm, Bankers Life is offering those potentially affected one year of identity repair and credit monitoring services through ID Experts.

HUM1-Notification-HU18005C9-Multiple-Bankers-Life_0

No related posts.

Category: Business SectorHackHealth DataU.S.

Post navigation

← German politicians’ data published online in massive breach
UK: Hospital apologizes for voicemail privacy breach in Manchester →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • DOJ investigates ex-ransomware negotiator over extortion kickbacks
  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
  • Senator Chides FBI for Weak Advice on Mobile Security
  • Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
  • Kelly Benefits updates its 2024 data breach report: impacts 550,000 customers
  • Qantas customers involved in mammoth data breach
  • CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach.
  • Esse Health provides update about April cyberattack and notifies 263,601 people (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban
  • 20 States Sue HHS to Stop Medicaid Data Sharing with ICE
  • Kids are making deepfakes of each other, and laws aren’t keeping up
  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.