Download Our DHN Survey Result 2024
Realize your Healthcare’s Digital Transformation journey with ScaleHealthTech Learn More

Kaiser Permanente Confirms Biggest Data Breach of 2024 Impacting 13.4 Mn Individuals

Written by : Arti Ghargi

April 29, 2024

Category Img

Image Source: Freepik

The breach reportedly occurred in mid-April after Kaiser inadvertently shared patients' information with third-party advertisers, including Google, Microsoft, and X.

Kaiser Permanente, a major US health conglomerate, has confirmed a significant data breach, exposing the personal information of millions of current and former members.

The breach reportedly occurred in mid-April after Kaiser inadvertently shared patients' information with third-party advertisers, including tech giants Google, Microsoft, and X (formerly Twitter).

The fallout from the breach is substantial, affecting approximately 13.4 million current and former members and patients who accessed Kaiser's online platforms.

Kaiser will begin notifying its health plan members about the breach, the company said in a documentation submitted to the Department of Health and Human Services on April 12. The notice was publicly posted last week.

The data security breach comes just days after a major ransomware attack on US health giant UnitedHealth that exposed patient data including their medical records, history, and transaction details.

The Extent of Data Breach

Kaiser Permanente is one of the largest American not-for-profit health plans which claims to serve 12.5 million members. It operates under the umbrella of the Kaiser Foundation Health Plan and provides health insurance plans to employers.

According to a statement shared with TechCrunch, Kaiser voluntarily conducted an investigation revealing that certain online technologies installed on its websites and mobile applications may have transmitted personal information to third-party vendors.

The data shared with advertisers includes member names, IP addresses, information indicating if members were signed into a Kaiser Permanente account, and details of their interactions with the website and mobile applications, including search terms used in the health encyclopedia.

However, details such as usernames, passwords, social security numbers, financial account information, or credit card numbers were not included in the transmission to these third parties, the organization said.

The organization also reported that it hasn’t yet noticed any misuse of these details.

Kaiser said that it has taken corrective measures by removing the tracking code from its websites and mobile apps. It will notify about the breach to affected individuals beginning in May across all markets where Kaiser Permanente operates.

Additionally, the organization also notified California's attorney general of the breach, although further details regarding the breach were not provided.

Biggest Data Breach of 2024?

With more than 13 million individuals’ data being compromised, this is the biggest confirmed data breach this year in healthcare.

But that could change soon. UnitedHealth, which was affected by a ransomware attack disrupting the US healthcare system for weeks, has not yet revealed the exact extent of the breach or even the number of people affected by it.

The health insurer is expected to submit the details of the security attack that impacted a significant chunk of the US population, with regulatory authorities.

Some estimates say that the impacted individuals count could rise to as much as 300 million.

This incident underscores a broader trend of healthcare organizations inadvertently sharing patients' personal information with third-party advertisers through online tracking mechanisms embedded in web pages and mobile apps.

Over the past year, similar breaches have been reported by telehealth startups, raising concerns about data privacy and security within the healthcare sector.

About Chime India

The College of Healthcare Information Management Executives (CHIME) is an executive organization dedicated to serving senior digital health leaders. CHIME includes more than 5,000 members in 56 countries and two US territories and partners with over 150 healthcare IT businesses and professional services firms. CHIME enables its members and business partners to collaborate, exchange ideas, develop professionally and advocate the effective use of information management to improve the health and care throughout the communities they serve. CHIME's members are chief information officers (CIOs), chief medical information officers (CMIOs), chief nursing information officers (CNIOs), chief innovation officers (CIOs), chief digital officers (CDOs), and other senior healthcare leaders. The CHIME India Chapter became the first international chapter outside North America in 2016 and is now a community of over 70+ members in India. For more information, please visit


Digital Health News ( DHN) is India’s first dedicated digital health news platform launched by Industry recognized HealthTech Leaders. DHN Is Industry’s Leading Source Of HealthTech Business, Insights, Trends And Policy News.

DHN Provides In-Depth Data Analysis And Covers Most Impactful News As They Happen Across Entire Ecosystem Including Emerging Technology Trends And Innovations, Digital Health Startups, Hospitals, Health Insurance, Govt. Agencies & Policies, Pharmaceuticals And Biotech.


© Digital Health News 2024