What happened

An unauthorized party gained access to two employee email accounts, allowing them to view protected health information (PHI) such as names, dates of birth, medical record numbers, and medical information. 

What Kaiser Permanente did

Kaiser Permanente immediately terminated the unauthorized access, reset the affected employees' passwords, and launched an investigation. They also sent notification letters to affected individuals on November 1, 2024. 

What Kaiser Permanente said

Kaiser Permanente stated that no Social Security numbers or financial information were involved in the breach, and that there is no evidence of any misuse of the exposed information. 

Generated by AI