A data breach earlier this year that affected nearly two million Health Net policyholders might be more extensive than what originally was documented, the Bakersfield Californian reports (Cox, Bakersfield Californian, 8/10).
Background
In March, Health Net announced it lost digital records containing personal data on about 1.9 million current and former policyholders, including 845,000 Californians.
According to the state Department of Managed Health Care, Health Net reported that nine server drives went missing from its data center in Rancho Cordova. Health Net said the missing drives contained personal data on its employees, health care providers and policyholders.
The incident was Health Net's second security breach in two years (California Healthline, 3/15).
New Details
On Wednesday, Health Net announced that it recently has contacted members who originally were not notified that they were affected by the data breach. The insurer also said it has sent letters informing members that their Social Security numbers were compromised. Previously, Health Net had said that only less sensitive data might have been compromised.
The company declined to say how many more people have been affected by the breach.
The insurer apologized and said its previous misstatements resulted from a data analysis error.
Health Net said that it will continue its investigation and that it has no indication that data on the drives were used to commit identity theft.
The company is offering two years of credit monitoring, fraud resolution and credit restoration services to affected individuals (Bakersfield Californian, 8/10).