UPDATE 1-WellPoint fined $1.7 mln for exposing health data on Internet
July 11 (Reuters) - Health insurer WellPoint Inc will pay $1.7 million for allowing health and other personal information from hundreds of thousands of people to be accessed over the Internet, the U.S. Department of Health and Human Services said on Thursday.
Security weaknesses in an online application database exposed information for 612,402 individuals between October 2009 and March 2010, according to the agency.
Data included names, dates of birth, addresses, Social Security numbers, telephone numbers and health information.
WellPoint, the second largest U.S. health insurer, said it informed those who were potentially impacted and has cooperated with the review.
"As soon as the situation was discovered in 2010, we made information security changes to prevent it from happening again," the company said in an emailed statement.
WellPoint said it also provided credit monitoring and identity theft insurance to all those affected, and that it is not aware of any fraud or identity theft arising from the incident.