Connecticut Attorney General Richard Blumenthal said he is investigating “a massive security breach” at WellPoint Inc. that may have compromised financial and health information on almost 500,000 people.
Blumenthal wrote to the Indianapolis-based company, the largest U.S. health insurer, asking for information on how the breach occurred, what’s being done to protect those affected and how to prevent future incidents, he said Friday in a statement.
“This information breach is only the latest in a disturbing series of cases where nonpublic personal information has been subjected to unauthorized access,” Blumenthal said.
WellPoint should provide all affected consumers with two years of credit monitoring services and at least $25,000 of identity theft protection, Blumenthal said.
Kristin Binns, a spokeswoman for WellPoint, said she could not immediately confirm receipt of the letter.
The company has said that the problem stemmed from an online program customers can use to track the progress of their application, and that it was fixed in March.