Kaiser Permanente has begun notifying millions of its health plan members that the company was hit with a data breach in mid-April, according to a filing with the feds.
The Kaiser Foundation Health Plan said about 13.4 million people were affected and submitted the required documentation to the Department of Health and Human Services on April 12. That notice was posted publicly on Thursday.
Kaiser Permenante told Reuters it has not identified any misuse of those data.
According to a statement to TechCrunch, the data breach stems from tracking technology that shared patient information with advertisers such as Microsoft and Google. The healthcare giant told the publication that after an investigation it found "certain online technologies, previously installed on its websites and mobile applications, may have transmitted personal information to third-party vendors."
Those vendors were able to access information such as patients' names and IP addresses as well as indicators that they were signed into a Kaiser Permanente account and the ways they navigated different websites or applications, according to the article.
Kaiser Permanente told TechCrunch that these tracking technologies have since been removed from their websites and apps.
The listing is the largest confirmed data breach in healthcare so far this year, according to the article. Earlier this week, UnitedHealth Group said preliminary analysis of the data stolen in the cyberattack on its Change Healthcare subsidiary indicates that it "could cover a substantial proportion of people in America." However, the company has yet to provide full numbers on how many people were impacted.