Health Net (NYSE: HNT) is under investigation after it lost nine computer drives containing Social Security numbers and other personal information on almost 2 million current or former members.
California Insurance Commissioner Dave Jones said he would conduct a probe to determine whether Health Net "did everything it could have done to avoid and appropriately remedy this security breakdown," reports the Los Angeles Times. Additionally, the California Department of Managed Health Care already is investigating the security breach that also involved customers' addresses and financial data.
Health Net was notified about the breach by IBM, which manages the insurer's information technology, that it could not find the computer drives, according to the San Francisco Chronicle. It is notifying the affected individuals and offering two years of free credit-monitoring services, including fraud resolution and identity theft insurance.
"Based on the information we have compiled, this is among the top 20 security breaches (nationwide) since 2005," Beth Givens, director of Privacy Rights Clearinghouse, told the San Diego Union-Tribune. "This is a very large breach of very sensitive information.
In January, Health Net paid $55,000 to settle a similar case with the Vermont attorney general's office after it lost an unencrypted hard drive containing personal information for about 1.5 million people.