Complain about a product or service

Nationwide, Aetna Customer Data Stolen

By Martin H. Bosworth
ConsumerAffairs.com

January 25, 2007

Data Theft • 68,000 CalOptima Members at Risk in Data Breach • Express Scripts Extortion Scheme Widens • Technology Could Be Key To Stopping Unauthorized Charges • T-Mobile: No Hacking in Data Breach • T-Mobile Confirms Data Breach • Consumers Increasingly Concerned About Online Transactions • Are Identity Theft Services Worth the Cost? • Online Tools Help Spot Financial Fraud • Financial Fraud Hits 7.5 Percent Of Americans In 2008 • Feds Charge Mortgage Broker In Potential Data Breach • Millions of Credit Cards Exposed in Data Breach • 2008 Data Breach Total Soars • Bank Data Breach Threatens 248,000 in North Carolina • GPS Not Foolproof • Countrywide Warns Millions of Data Breach • Thieves Steal AT&T Laptop with Employee Data • Report: Data Breach Disclosure Laws Don't Affect Identity Theft • Patient Information Exposed in Data Breach at Walter Reed • Supermarket Chain Reports Data Breach • Report: Feds Still Not Doing Enough To Secure Data • Data Thieves Hit Georgetown University Students, Faculty • 800,000 Job Seekers At Risk In Gap Data Breach • TJX Data Breach Settlement Has Strings Attached • More ...

The personal records of Nationwide Mutual Insurance's 28,000-plus customers were stolen from the offices of a contracting vendor, the company said.

In addition to the Nationwide data tapes, the thieves made off with backup data tapes containing information on the medical claims of 130,000 Aetna customers.

The break-in took place at the Weymouth, Mass., offices of Concentra Preferred Systems, which audits hospital stay claims for Nationwide to ensure the company does not overpay.

The theft occurred on Oct. 26th, but Nationwide delayed notifying customers while it investigated the likelihood of identity theft.

Concentra made the theft public on Dec. 1st, 2006, and claimed that law enforcement investigations determined that the theft was for "cash or pawnable items of value, and not the act of sophisticated criminals targeting specific data."

Concentra said it had enlisted a forensic team from global accounting firm Grant Thornton to investigate the possibility that the tapes would be used for identity theft.

The Grant Thornton team claimed that, "Restoring data from a back-up tape like the one we tested for Concentra is generally considered to be a time-consuming process requiring specialized knowledge ... Typically, this level of technical sophistication exceeds the capabilities of the average computer user."

Nationwide was in the process of offering free credit monitoring and identity theft insurance to affected customers, though the company did not specify from which vendor.

The outsourcing of medical functions to third-party vendors may cut costs, but it also opens any company up to the threat of data breaches, whether from thefts of equipment or attacks by enterprising hackers.

Georgia-based Emory Healthcare suffered the loss of data on 38,000 patients when a laptop was stolen from the offices of a contracting company in Dec. 2006.

An employee of Perot Systems lost several CDs containing the personal and medical information on 260,000 patients of the Midwest-based Sisters of St. Francis hospital chain in October 2006. The CDs were later recovered, and the hospital claimed the data had not been accessed.

Aetna itself had a data breach last year when a laptop containing information on another 38,000 customers mysteriously disappeared in May 2006.

Report Your Experience
If you've had a bad experience -- or a good one -- with a consumer product or service, we'd like to hear about it. All complaints are reviewed by class action attorneys and are considered for publication on our site. Knowledge is power! Help spread the word. File your consumer report now.

Share		Follow us on Twitter.

Back to the top |