Aetna agrees to US$ 17 million (£12 million) to settle data breach
Aetna will pay a US$ 17.1 million (£12.3 million) as part of a settlement for a July 2017 data breach that may have compromised the personal health information of thousands of HIV patients in the US.
The deal will resolve the claims made by Aetna customers in 23 states who were notified by the company that their HIV prescription notifications were sent in envelopes with a clear address window, possibly enabling an unauthorised party to view the contents, according to a Tripwire report. About 12,000 people were involved in this mailing.
Each person involved in the incident will receive at least US$ 500 (£360) with 1,600 of those customers who may have had their personal health information revealed to Aetna’s legal counsel or the mail vendor being given an additional US$ 75 (£54).
The month before this took place Aetna was involved in a separate incident when more than 2,000 Ohio and Texas Aetna customers had some of their personal information compromised when the information was accidentally exposed to unauthorised individuals.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise