Health information for 1,708 Aetna members in Ohio and about 522 in Texas was exposed online for months, according to San Antonio Express-News.
"The information available online generally included first name, last name, Aetna member identification number, provider information, claim payment amount and in some cases procedure/service codes and dates of service," Hartford, Conn.-based Aetna said in a news release obtained by cleveland.com. "There are no instances of Social Security numbers or bank account or credit card information being involved."
Aetna first found evidence of exposed information Feb. 1, Aetna spokesperson Ethan Slavin told San Antonio Express-News. Aetna began investigating possible security issues April 27. The information was removed the next month after a security team discovered the "privacy breach" May 10, the report states. The payer finished its review June 9.
The payer said the privacy breach involved "two computer services that display documents to members."
Jim Routh, chief security officer for Aetna, said in a statement obtained by cleveland.com, "At this time, we are not aware of any misuse of the information made available online as a result of this incident."