In July, 2010, America’s largest insurance provider found that a website security error may have placed customers at risk.
People in ten states were exposed to this security breach. The site malfunction appears to have resulted from recent WellPoint website updates performed by an outside contractor.
WellPoint’s system is regularly used by Anthem Blue Cross Blue Shield customers. In this case, the error involved the applications for health insurance processed through the website. It was discovered that data from approximately 940 applications was exposed. Using caution, WellPoint notified 470,000 of their over 30 million customers and applicants of the glitch.
Originally reported to WellPoint by a customer, it was found that information including Social Security numbers may have been accessed via the website by unauthorized viewers. The data was retrieved from the site in the form of spreadsheets. Some of these documents included Social Security numbers or other personal information. The insurance provider responded accordingly to notify affected customers.
Applicants directly impacted by this event received an explanation of the occurrence and risks from WellPoint. To help offset the risks of identity theft, WellPoint additionally offered one year of identity protection at no personal cost to the applicants and customers. These letters and offers were sent to people in Connecticut, California, Colorado, Indiana, Kentucky, Missouri, Nevada, New Hampshire, Ohio and Wisconsin.
WellPoint’s prompt and cautionary actions helped to minimize the dangers of this misfortune. Without the initial and speedy report from a customer, the quick action would not have been possible. The results could have been devastating.