Wednesday, January 22, 2020
  • Using Push Notifications for MFA
  • DEF CON 27, Voting Village – Sherri Ramsay’s ‘2020 Ready Or Not’
  • Luke Kingma’s & Lou Patrick-Mackay’s Futurism Cartoons ‘Salaryman’
  • Does my Scala Value Class really not get allocated?
  • Coverity & Black Duck together. Better. Faster. Stronger.

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Data Security Incident Response SBN News Security Bloggers Network 

Home » Cybersecurity » Data Security » Humana Informs Customers of Third-Party Security Incident

Humana Informs Customers of Third-Party Security Incident

by David Bisson on January 9, 2019

Humana has notified customers of a third-party security incident that might have exposed some of their personal information.

According to a breach notification letter obtained by DataBreaches.net, the for-profit American health insurance company learned on 25 October 2018 that bad actors had gained access to the system credentials of some employees at Bankers Life, one of Humana’s business partners. Those individuals then used those credentials to enter secure Bankers Life websites. There, they might have stolen the personal data of individuals who had applied for a Humana health insurance policy through those sites.

Bankers Life first learned of this incident on 7 August 2018. With the help of an external forensics investigator, the primary subsidiary of CNO Financial Group, Inc. determined that the unauthorized parties had accessed some of its employees’ credentials between 30 May 2018 and 13 September 2018. During that time, those bad actors might have acquired customers’ names, addresses, dates of birth, limited health insurance information and the last four digits of their Social Security Numbers.

Bankers Life’s investigation revealed that the incident didn’t expose the full Social Security Numbers, driver’s license numbers, financial information or sensitive medical data of most affected customers.

Following its discovery of the potential data breach, Bankers Life sent notification letters to 566,217 customers in which it offered them one year of free identity repair and credit monitoring services. It also urged them to monitor their credit reports and banking accounts for suspicious activity.

In its breach notification letter, Humana took a moment to inform customers of their options:

We want you to know that at Humana we take seriously our responsibility to ensure the security of your information. We regret any concern this incident might have caused. You have privacy rights under a Federal law that protects your health (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/humana-informs-customers-of-third-party-security-incident/

January 9, 2019January 9, 2019 David Bisson Humana, insurance, IT Security and Data Protection, Latest Security News, Security Incident
  • ← “Make No Mistake, American Companies Are Squarely in the Cross-Hairs of Well-Financed Nation-State Actors,” U.S. Counter-Spy Center Says
  • 85 Android Adware Apps Downloaded 9 Million Times →
Featured Blog

Enzoic

Automate Password Policy & NIST Password Guidelines

Enzoic

HITRUST & PASSWORDS: 7 Important Password Policies for HITRUST

Enzoic

Cybersecurity Trends to Watch in 2020

Enzoic

Employee Password Security for Healthcare Providers

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Keep Telnet Off the Internet – Here’s Why
IT Teams Need More Than Password Managers
Who Should the CISO Report To in 2020?
Security Pros Offer Best Bangs for 2020 Budget
Best Practices in Database Security Planning
DEF CON 27, Aviation Village, Ken’s and Alex’s ‘A Hackers First Solo: Airplane Avionics Security 101’
Patch or Mitigate Dangerous Microsoft Windows CryptoAPI Spoofing Vulnerability ASAP
Microsoft reports Zero-Day Internet Explorer vulnerability exploited in the wild
GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment
Imperva Mitigates Exploits of Citrix Vulnerability – Right Out of the Box

Upcoming Webinars

Feb 04

From Dystopia to Opportunity: Stories from the Future of Cybersecurity

February 4 @ 1:00 pm - 2:00 pm
Feb 05

Top Cybersecurity Threats and How SIEM Protects Against Them

February 5 @ 1:00 pm - 2:00 pm
Feb 14

The Role of Security Technologists in Public Policy

February 14 @ 11:00 am - 12:00 pm
Feb 25

New Paradigms for the Next Era of Security

February 25 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Open Source Security: Weighing the Pros and Cons

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

5 Ways to Get the Most From Your PAM Program
Cybersecurity Identity & Access Industry Spotlight Security Boulevard (Original) 

5 Ways to Get the Most From Your PAM Program

January 22, 2020 Anusha KM | 15 hours ago 0
Best Practices in Database Security Planning
Cybersecurity Data Security Industry Spotlight Security Boulevard (Original) 

Best Practices in Database Security Planning

January 21, 2020 Andrew Herlands | Yesterday 0
IT Teams Need More Than Password Managers
Cybersecurity Identity & Access Industry Spotlight Security Boulevard (Original) 

IT Teams Need More Than Password Managers

January 20, 2020 Chandramouli Dorai | 2 days ago 0

Top Stories

Security Compass CEO Sets DevSecOps Strategy
Cybersecurity DevOps Featured News Security Boulevard (Original) Spotlight 

Security Compass CEO Sets DevSecOps Strategy

January 21, 2020 Michael Vizard | Yesterday 0
Keep Telnet Off the Internet – Here’s Why
Cybersecurity Data Security DevOps Featured Identity & Access IoT & ICS Security Network Security News Security Boulevard (Original) Spotlight 

Keep Telnet Off the Internet – Here’s Why

January 20, 2020 Richi Jennings | 2 days ago 0
Oracle Spews 334 Patches, Many Critical. You Know the Drill
Cybersecurity Data Security DevOps Featured Network Security News Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities 

Oracle Spews 334 Patches, Many Critical. You Know the Drill

January 17, 2020 Richi Jennings | Jan 17 0

Security Humor

via  Luke Kingma  and  Lou Patrick-Mackay  at  Futurism Cartoons

Luke Kingma’s & Lou Patrick-Mackay’s Futurism Cartoons ‘Salaryman’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2020 MediaOps Inc. All rights reserved.

Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.