Despite the fact that it "takes the privacy and security of our members' information seriously," the health insurance company Centene can't find six unencrypted hard drives with 950,000 customers' private health data, addresses, dates of birth and social security data.
The company used the unencrypted, unredacted records for a data-mining effort.
They're offering free credit and healthcare monitoring to the affected customers.
Centene has determined the hard drives contained the personal health information of certain individuals who received laboratory services from 2009-2015 including name, address, date of birth, social security number, member ID number and health information. The hard drives do not include any financial or payment information. The total number of affected individuals is approximately 950,000.
"Consistent with our policies around communication and transparency, we are beginning the process of notifying all affected individuals and all appropriate regulatory agencies as we continue to search and investigate," said Neidorff.
Centene Announces Internal Search of Information Technology Assets
[Corporate IR]
(via /.)