Aetna notified approximately 238 Virginia residents that Centerstone Insurance and Financial Services a general agent that also acts as a third-party vendor that Aetna utilizes to provide administrative services related to employee benefits had certain employee email accounts compromised.
Aetna confirmed that this incident did not involve any Aetna system or application, and did not involve any personal information that Aetna maintained.
Although Aetna is not aware of any evidence to indicate improper use of member information.
The exposed information includes names, addresses, Social Security numbers, dates of birth, zip codes, bank account numbers, plan descriptions, premium payment amounts, and health plan beneficiary numbers.
The company began to gather the information necessary to mail letters to affected members to explain the situation and provide additional resources.
"id": "AET3626323",
"linkid": "aetna",
"type": "Data Leak",
"date": "06/2019",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"