Health insurer loses 1m customers' health records


#1

[Read the post]


#2

Ahh every time this is how they learn. All the stupid training I take every year about PII data, etc. is all because someone in the company made a similar goof at least now our security group has A LOT more say on things.


#3

I’d rather they HAD lost financial data - I can cancel my credit card or change my bank account number - I can’t (easily) change my name, address, birthdate, SS#, place of birth etc.

Senior executives need to start getting personally fined or sent to prison over this. It’s been going on for years now and big companies are doing nothing to improve data handling because there’s almost zero cost to them when they screw up - how much is the bullshit “credit monitoring” they provide anyway? - and pretty much everyone in the country has now been given it by some retailer, bank, or insurance company at this point.

If the president and COO of the companies involved got 6 months in jail for every data breach, they would stop immediately.


#4

Oh no. That training is purely perfunctory. I get it too. It’s there so management can avoid blame when this kind of thing happens…


#5

Won’t ever happen. Companies and the people in charge of the companies can do whatever they want and get away with it.


#6

I know it will never happen. Companies and congress will take it seriously once the President or a CEO gets their identity stolen and has to deal with it.


#7

I just created an online account with my new insurance provider. The password requirements are a MAXIMUM of 16 characters and ONLY letters and numbers (no symbols). I feel real good about this.

I created an account with my new doctor a few months ago and was pissed enough that that password was limited to ~18 characters, but at least they let me use symbols.

Long story short, I’m sure my data is super safe and secure!


#8

Thank you. Came to say the same thing. I want to see some godamn heads rolling for this.

“Hey customer, sorry we lost your data (today’s internet, amirite?), here’s a website that might or might not be able to tell you when that lost information is used against you, but, ahh, YOU have to check it, and we’re only funding it for 18 months. Gee whiz, we’re real sorry, kthxbai!”

That said, I know my personal data has been “lost” or stolen from the Veterans’ Affairs Administration, the Office of Personnel Management, Blue Cross/Blue Shield (HA! Shield my ass), if not others. So I guess that makes me really, really free–what other data do I have to lose?


#9

Somebody is going to be data-mining, that’s for sure!


#10

There FTFY


#11

This is from May 2014. Anthem’s website, if that rings a bell.

I was so appalled I took a screenshot.


#12

At least it is Lynx friendly!


#13

A breach, depending on the number of records lost, could potentially bankrupt many organizations. So it’s in their best interest to make employees sit through 15 minutes of training a year on how to avoid phishing emails and changing their passwords.


#14

This topic was automatically closed after 5 days. New replies are no longer allowed.