A California court has granted preliminary approval to a lawsuit settlement over an online security breach of health insurer WellPoint Inc.'s records.
WellPoint said that last summer it notified 470,000 individual insurance customers that medical records, credit card numbers and other sensitive information may have been exposed in a security breach involving a program used to track coverage applications. Company officials have said the problem was fixed about 12 hours after the insurer learned about it.
A statement from a plaintiff's attorney involved in the case said Monday that the settlement will offer two years of free credit monitoring and identity theft insurance to eligible class members. The attorney said an investigation found few unauthorized viewings of the Web site.
WellPoint said Monday in a separate statement that it believes most of the people who manipulated the website to gain access were attorneys researching possible litigation over the security breach. The insurer told customers about the breach last year and offered some free credit monitoring then.
WellPoint, based in Indianapolis, is the largest commercial health insurer based on membership, with more than 34 million members. It runs Blue Cross Blue Shield plans in 14 states and Unicare plans in several others.
The insurer reached an agreement with Indiana over the breach earlier this year.