Humana Informs Customers of Third-Party Security Incident - Security Boulevard
Wednesday, December 1, 2021
  • Improving Cybersecurity With MITRE ATT&CK Framework
  • Is the Market for Hardware Security Appliances Doomed?
  • Internet Applications Naming and Identifiers in IoT
  • 1984 vs 2021 | Avast
  • US Retailers Pull Surveillance Company Products Linked to Genocide

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Events
    • Upcoming Events
    • Upcoming Webinars
    • On-Demand Events
    • On-Demand Webinars
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • Techstrong Group
    • Container Journal
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About Us

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Data Security Incident Response SBN News Security Bloggers Network 

Home » Cybersecurity » Data Security » Humana Informs Customers of Third-Party Security Incident

SBN Humana Informs Customers of Third-Party Security Incident

by David Bisson on January 9, 2019

Humana has notified customers of a third-party security incident that might have exposed some of their personal information.

According to a breach notification letter obtained by DataBreaches.net, the for-profit American health insurance company learned on 25 October 2018 that bad actors had gained access to the system credentials of some employees at Bankers Life, one of Humana’s business partners. Those individuals then used those credentials to enter secure Bankers Life websites. There, they might have stolen the personal data of individuals who had applied for a Humana health insurance policy through those sites.

Bankers Life first learned of this incident on 7 August 2018. With the help of an external forensics investigator, the primary subsidiary of CNO Financial Group, Inc. determined that the unauthorized parties had accessed some of its employees’ credentials between 30 May 2018 and 13 September 2018. During that time, those bad actors might have acquired customers’ names, addresses, dates of birth, limited health insurance information and the last four digits of their Social Security Numbers.

Bankers Life’s investigation revealed that the incident didn’t expose the full Social Security Numbers, driver’s license numbers, financial information or sensitive medical data of most affected customers.

Following its discovery of the potential data breach, Bankers Life sent notification letters to 566,217 customers in which it offered them one year of free identity repair and credit monitoring services. It also urged them to monitor their credit reports and banking accounts for suspicious activity.

In its breach notification letter, Humana took a moment to inform customers of their options:

We want you to know that at Humana we take seriously our responsibility to ensure the security of your information. We regret any concern this incident might have caused. You have privacy rights under a Federal law that protects your health (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/humana-informs-customers-of-third-party-security-incident/

January 9, 2019January 9, 2019 David Bisson Humana, insurance, IT Security and Data Protection, Latest Security News, Security Incident
  • ← “Make No Mistake, American Companies Are Squarely in the Cross-Hairs of Well-Financed Nation-State Actors,” U.S. Counter-Spy Center Says
  • 85 Android Adware Apps Downloaded 9 Million Times →

TechStrong TV – Live

Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Most Read on the Boulevard

Crypto Mining Hackers vs. Cloud Computing—Google States the Obvious
Cybercriminals: Frenemies China, Russia, North Korea
Debunking Myths About CMMC 2.0
Securing Corporate Philanthropy on Giving Tuesday
Cyberattacks in 2021 Highlighted Critical Infrastructure Risks
DEFCON 29 IoT Village – Jay Balan’s ‘5 Years Of IoT Vulnerability Research And Countless 0Days’
The Internet is Held Together With Spit & Baling Wire
Customer Identity & Access Management: Build -v- Buy
DEFCON 29 IoT Village – Hutch’s ‘Alexa, Have You Been Compromised?’
DEFCON 29 IoT Village – Barak Hadad’s And Gal Kaufman’s ‘Reverse Supply Chain Attack’

Upcoming Webinars

Wed 01

Protecting Applications Running On Kubernetes

December 1 @ 12:00 pm - 1:00 pm
Mon 06

Code Tampering: 4 Keys to Risk Reduction

December 6 @ 3:00 pm - 4:00 pm
Wed 08

Cloud Security

December 8 @ 12:00 pm - 1:00 pm
Thu 09

SCA: Your First Step Toward Supply Chain Security

December 9 @ 11:00 am - 12:00 pm
Jan 11

Securing Infrastructure-as-Code From Tampering and Misconfigurations

January 11, 2022 @ 3:00 pm - 4:00 pm

More Webinars

Download Free eBook

The Dangers of Open Source Software and Best Practices for Securing Code

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Cyberattacks in 2021 Highlighted Critical Infrastructure Risks
Cybersecurity Data Security Endpoint Industry Spotlight IoT & ICS Security Malware Network Security Security Boulevard (Original) Threat Intelligence Vulnerabilities 

Cyberattacks in 2021 Highlighted Critical Infrastructure Risks

November 30, 2021 Chen Fradkin | Yesterday 0
Debunking Myths About CMMC 2.0
CISO Suite Cyberlaw Cybersecurity Governance, Risk & Compliance Industry Spotlight IoT & ICS Security Network Security Security Awareness Security Boulevard (Original) 

Debunking Myths About CMMC 2.0

November 29, 2021 Ed Bassett | 2 days ago 0
The Art (and Math) of Balancing CX With Fraud Prevention
Analytics & Intelligence Cybersecurity Governance, Risk & Compliance Industry Spotlight Mobile Security Network Security Security Awareness Security Boulevard (Original) 

The Art (and Math) of Balancing CX With Fraud Prevention

November 18, 2021 Rafael Lourenco | Nov 18 0

Top Stories

Aviatrix Adds Security Capabilities to Cloud Management Platform
Cloud Security Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight Vulnerabilities 

Aviatrix Adds Security Capabilities to Cloud Management Platform

November 30, 2021 Michael Vizard | Yesterday 0
Crypto Mining Hackers vs. Cloud Computing—Google States the Obvious
Analytics & Intelligence Application Security Cloud Security Cybersecurity DevOps Editorial Calendar Featured Identity & Access Incident Response Malware Network Security News Securing Open Source Securing the Cloud Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Crypto Mining Hackers vs. Cloud Computing—Google States the Obvious

November 29, 2021 Richi Jennings | 1 day ago 0
Biggest Single Crypto Theft: Teen Charged with $36M SIM-Swap Heist
Analytics & Intelligence Blockchain Cloud Security Cyberlaw Cybersecurity Data Security Digital Currency Featured Governance, Risk & Compliance Identity & Access Incident Response Mobile Security News Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Biggest Single Crypto Theft: Teen Charged with $36M SIM-Swap Heist

November 22, 2021 Richi Jennings | Nov 22 0

Security Humor

XKCD 'Awful People'

XKCD ‘Awful People’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Container Journal
  • DevOps.com
  • Techstrong Research
  • Techstrong TV
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
  • Digital Anarchist
Powered by Techstrong Group
Copyright © 2021 Techstrong Group Inc. All rights reserved.