Blue Shield of California Provided Google With Data From 4.7 Million People

Posted on by

Blue Shield of California shared the protected health information of 4.7 million people with Google over a nearly three-year period. According to Bleeping Computer , the data breach affected the majority of its nearly 6 million members.

This is not the only major data breach to affect a healthcare organization in the past year alone. In October 2024, the records of a Community Health Center were hacked , compromising the data of more than a million people, as well as an attack on the laboratory testing company Lab Services Cooperative, which affected the records of 1.6 million Planned Parenthood patients . In February 2024, UnitedHealth Group suffered a hack that exposed the data of more than 100 million people.

What happened to Blue Shield of California?

According to an April 9 notice posted on Blue Shield of California’s website, the company allowed certain data, including protected health information, to be shared with Google Ads through Google Analytics, which could allow Google to serve targeted ads to members. The breach was not discovered until February 11, 2025, but occurred over several years, from April 2021 to January 2024, when the connection between Google Analytics and Google Ads was broken on Blue Shield websites.

The following Blue Shield member information may have been compromised:

  • Insurance plan name, type and group number

  • City and postal code

  • Floor

  • Family size

  • Blue Shield assigns IDs to online accounts

  • Date and health insurance provider

  • Patient name

  • Patient financial responsibility

  • Search criteria and results “Find a doctor”

According to the notice, no additional personal information – Social Security numbers, driver’s license numbers, or banking and credit card information – was disclosed. Blue Shield also states that no attacker was involved in the incident, and they have not confirmed that the information was used maliciously.

What are your thoughts so far?

What to do if your information is leaked

Blue Shield of California has begun notifying members about the breach, although the company cannot confirm whether any specific person’s information was compromised. Blue Shield does not currently offer credit monitoring or identity protection services to affected members. If you have questions about the hack and how it may affect you, you can call Customer Service at 833-918-5064, Monday through Friday, 6:00 a.m. to 6:00 p.m. PT.

However, as with any data breach, you should continue to monitor your credit report and financial accounts for any suspicious activity. Request a free copy of your credit report (available weekly), freeze your credit and post a fraud alert, and take steps to protect your Social Security number from fraudulent use.

More…

Security

Leave a Reply