13.4 Million at Risk: Kaiser Permanente Hit by Data Breach

In one of the United States’ largest medical organizations, Kaiser Permanente, a cyber incident resulted in the compromise of personal data for approximately 13.4 million users.

Founded in 1945, Kaiser Permanente provides healthcare services and medical insurance. Its network includes dozens of hospitals and hundreds of medical offices, serving millions of Americans, primarily on the West Coast.

The security incident was linked to unauthorized access to the systems of City of Hope, a key service provider for Kaiser Permanente. On October 12, 2023, suspicious activities detected in the City of Hope systems were later confirmed to be a cyberattack.

The unauthorized intrusion, which occurred between September 19 and October 12, allowed perpetrators to access and copy files containing sensitive information of millions of individuals, including their names, contact details, social security numbers, medical records, and other data.

Upon discovering the breach, City of Hope promptly implemented measures to mitigate further risks to its systems and data. External cybersecurity experts were engaged to help secure the network and conduct a thorough investigation.

This incident has caused significant concern among Kaiser Permanente clients and has sparked discussions about the need for enhanced data security measures in the healthcare industry.

City of Hope has strengthened its protective measures, including the implementation of advanced cybersecurity technologies and bolstering security protocols, to prevent future incidents. The company commits to maintaining the highest standards of patient data protection.

As a recognition of potential risks, City of Hope offers two years of free monitoring to protect those affected from fraud and identity theft.

The company also advises all affected individuals to remain vigilant, regularly check their account statements and credit reports, and promptly report any suspicious activity to their financial institutions.