On May 28, Aetna disclosed that email data had been copied from its online employment Website. The company said the site contained information on approximately 450,000 employees and prospects, and that some of the email information had been used to create fake email to contact people whose information was stored on the site.
Approximately 65,000 Social Security numbers were stored on the site. Although the company confirmed that email data had been copied, Aetna says it has no reports that personal information or the Social Security data were copied. As a precaution, the company sent notification letters to all 65,000 of those whose Social Security data was involved and offered free credit monitoring services.
The federal class action, led by former employee Corneilus Allison, claims AETNA insurance allowed hackers to enter its Web site and gain access to personal information. It demands credit monitoring, punitive damages, costs, and other relief.
Aetna has not yet disclosed exactly how the breach occurred. The Website was taken down temporarily after the breach was discovered.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.