Kaiser Permanente announced a data breach earlier this month could have caused millions of members' personal information to be shared with third-party tech vendors.
The Oakland, California-based healthcare company informed 13.4 million current and former members and patients of the breach, according to a statement shared with CBS 8.
The U.S. Department of Health and Human Services lists the Kaiser Foundation Health Plan in its breach portal as an "unauthorized access/disclosure," dated April 12.
Kaiser says it is not aware of any misuse of consumers' personal information, but apologized the incident happened.
Online technologies previously installed on Kaiser's websites and mobile applications could have shared consumers' personal information with Google, Microsoft Bing, and X, formerly Twitter, Kaiser said.
After conducting a voluntary internal investigation into its use of the online technologies, the company removed them from its websites and mobile applications. Kaiser has also worked with experts to add measures intended to prevent another breach, the company said.
Kaiser said the third party vendors did not have access to patients' usernames, passwords, Social Security numbers, financial information and credit card numbers. The breach was limited to IP address, name, information that could signify people were signed into a Kaiser Permanente account or service, information showing how people interacted with Kaiser's website and mobile applications, and search terms from the health encyclopedia.
WATCH RELATED: Kaiser Permanente healthcare workers to announce strike authorization vote (Aug. 24, 2023)
