The Indiana attorney general’s office is suing health insurance giant WellPoint Inc. for $300,000 for waiting months to notify customers that their medical records, credit card numbers and other sensitive information may have been exposed online.
The lawsuit filed Oct. 29 in Marion County accuses WellPoint of violating a state law that requires businesses to provide notification of data breaches in a timely manner.
State officials say the personal records were exposed for at least 137 days between last October and March. The suit says WellPoint learned of the problem Feb. 22 but didn’t start notifying customers until June.
WellPoint says it notified customers after analysis identified those potentially affected. The insurer previously said 470,000 people might have been affected.
Was this article valuable?
Here are more articles you may enjoy.
PwC Pays $166 Million to Settle HK Evergrande Audit Probe 
AI Ruling Prompts Warnings From Lawyers: Your Chats Could Be Used Against You 
State Farm Paid a ‘Hail’ of a Lot of Claims in 2025 
Scientists Burn Homes to Figure out How to Best Protect Them in Wildfires 
Want to stay up to date?
Get the latest insurance news
sent straight to your inbox.