Kaiser Permanente on Monday said it was notifying millions of its members and patients of a data transmission to tech companies that may have included some of their personal information.
Kaiser said the data was transmitted to third-party vendors Google, Microsoft Bing and X (formerly Twitter) when members and patients accessed its websites or mobile applications.
The health care organization said it was notifying 13.4 million current and former members of the breach.
According to Kaiser, the information released did not include usernames, passwords, Social Security numbers, financial account information or credit card numbers. It was limited to IP address, name, information that could indicate a member or patient was signed into a Kaiser Permanente account or service, information showing how a member or patient interacted with and navigated through the website and mobile applications, and search terms used in the health encyclopedia.
Get a weekly recap of the latest San Francisco Bay Area housing news. Sign up for NBC Bay Area’s Housing Deconstructed newsletter.
"Kaiser Permanente is not aware of any misuse of any member’s or patient’s personal information," the company said in a statement Monday. "Nevertheless, out of an abundance of caution, we are informing approximately 13.4 million current and former members and patients who accessed our websites and mobile applications. We apologize that this incident occurred."
Kaiser said it is conducting an internal investigation into the breach.
