The Associated Press reports that the Indianapolis company said the problem stemmed from an online program customers can use to track the progress of their application for coverage that was upgraded by an outside vendor. After the upgrade, a California customer discovered she could call up confidential information of other customers by manipulating Web addresses used in the program.
WellPoint learned about the problem when the customer filed a lawsuit about it against the company in March. According to Business Insurance WellPoint alleged in a statement that the “vast majority” of the site manipulation and unauthorized access “occurred at the hands of certain attorneys representing an applicant,” and said it believes the manipulation “was conducted to support a class action against Anthem Blue Cross and/or its parent company—over the very breach being committed.”
A company spokesperson said the company fixed the issue within 12 hours of knowing the problem existed, according to the AP.The insurer notified all individual insurance customers who had information in its application tracking program from October through March. It will provide a year of free credit monitoring.