BreachExchange mailing list archives
Ind. AG reaches settlement with WellPoint in consumer data breach
From: Jeffrey Walton <noloader () gmail com>
Date: Tue, 5 Jul 2011 19:33:06 -0400
http://www.nwitimes.com/business/local/article_7feddb17-aa1c-5950-b743-cec018b84267.html July 5, 2011 INDIANAPOLIS | Health insurer WellPoint Inc. will pay Indiana a $100,000 settlement over a data breach where the personal information of thousands of WellPoint customers was potentially accessible via the Internet. The settlement resolves a lawsuit Indiana Attorney General Greg Zoeller's office filed under a new data-breach notification law passed in 2009. "This case should be a teaching moment for all companies that handle consumers' personal data: If you suffer a data breach and private information is inadvertently posted online, then you must notify the Attorney General's Office and consumers promptly. Early warning helps minimize the risk that consumers will fall victim to identity theft," Zoeller said. The data breach occurred when applications for individual insurance policies submitted to WellPoint -- containing Social Security numbers, financial information and health records -- were potentially accessible through an unsecured web site from October 23, 2009, to March 8, 2010. The records of 32,051 people in Indiana were potentially accessible through the online application tracker website operated by companies owned by or affiliated with WellPoint for potentially anyone to see. ... _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Learn encryption strategies that manage risk and shore up compliance. Download Article 1 of CREDANT Technologies' The Essentials Series: Endpoint Data Encryption That Actually Works http://credant.com/campaigns/realtime2/gap-LP1/
Current thread:
- Ind. AG reaches settlement with WellPoint in consumer data breach Jeffrey Walton (Jul 06)