Unencrypted USB drive stolen, 3,000 Humana members in Atlanta impacted

Share this article:

In Georgia, nearly 3,000 members of health care provider Humana are being notified that their personal information – including Social Security numbers – may have been compromised after an encrypted laptop and unencrypted USB drive were stolen from an associate's vehicle.

How many victims? 2,962. 

What type of personal information? The unencrypted USB drive contained names, medical records and Social Security numbers.

What happened? An encrypted laptop and an unencrypted USB drive containing the data were stolen from a Humana associate's vehicle.

What was the response? Added training and improved business practices and procedures are measures being taken by Humana to prevent a similar incident from occurring. All impacted members are being notified and offered free access to credit monitoring services.

Details: The information related to members in the Atlanta area. There was no indication of when the devices were stolen, but a Humana statement indicated the theft occurred recently.

Quote: “At this time, Humana has no reason to believe that the information has been used inappropriately,” according to a Humana statement.

Source: A Humana statement emailed to SCMagazine.com.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Cyberswim notifies customers that payment card data may be at risk

Malicious software installed on Sept. 24 may have compromised personal information for visitors that made purchases between May 12 and Aug. 28.

Marquette University notifies graduate applicants of possible breach

Settings for an internal file server were inadvertently modified, making graduate school applications accessible to anyone with Marquette University login credentials.

Physician's email account, accessed by unknown source, contained patient data

UC Davis Health System is notifying 1,326 patients that a physician's work email account was accessed by an unknown source and an email within that account contained their personal or medical information.