Medical insurance companies California’s Blue Shield has notified 4.7 million individuals of a potential data breaches since 2021 after unconsciously sharing patient protected health information with Google.
“On February 11, 2025, Blue Shield discovered that between April 2021 and January 2024, Google Analytics configured Google Analytics to be shared with Google Ads, a Google advertising product. Let me know.
“It is possible that Google used this data to run an ad campaign focused on those individual members. We want to reassure members that no bad actors are involved. To our knowledge, Google has not used the information for purposes other than these ads or shares protected information with anyone.”
Blue Shield used Google Analytics to track the use of members of a particular Blue Shield website. It said it “disconnected” to Google Ads and Google Analytics in January 2024, a year ago when I learned about the data collection over the years.
The health insurance company said any information that may have been affected includes the name, type, group number and personal details such as the patient’s name, gender, location, family size and patient’s financial liability.
Unique IDs generated in Blue Shield for members’ online accounts, information related to dates and providers of medical billing services, and search inputs and results from the “Search Physicians” feature were also shared.
The health insurance company said it has not revealed any Social Security number, driver’s license number or bank or credit card information.
Blue Shield Submit On April 9, 4.7 million people said legally necessary disclosures with the U.S. Department of Health and Human Services were affected by the violation. As of last year, the company It has been reported It has 4.8 million members.
Bigger trends
Verizon released it 2025 Data Breach Investigation Report This week we revealed that healthcare continues to be an attacker’s favorite target.
Another company that has experienced a data breach is the multinational computer technology company Oracle. I experienced two separate data breaches It has been reportedly affected Oracle Health customers in recent months, with the other being a result of exploits targeting Oracle Cloud login servers.
Yale New Haven reported last month Cybersecurity Incident Threat actors stole personal data from 5.5 million patients. Cyberattacks caused disruption to IT systems, but did not affect patient care.
In 2024, changes to Healthcare, a software and data analytics vendor that provides revenue cycle management, clinical decision support and other operational tools, announced that it had taken the system offline. Due to cyber attacks.
Hundreds of thousands of doctors, pharmacies and other providers, and companies that handle claims for the process, which counts around 15 billion transactions per year. I was hit by black cat ransomwareleave that operation I was inherently weakened.
