Blue Shield of California has announced a significant data breach, revealing that the protected health information of 4.7 million members was inadvertently shared with Google's analytics and advertising services.

The healthcare provider, serving nearly 6 million individuals in California, issued a notification on its website detailing that the exposure occurred between April 2021 and January 2024.

The United States Department of Health and Human Services breach portal has been updated to reflect this incident, confirming the scale of the data exposure.

Cause of the Data Breach

The breach was attributed to a misconfiguration of Google Analytics on certain Blue Shield websites. This error potentially allowed sensitive member data to be accessed by Google's advertising platforms and associated advertisers.

On February 11, 2025, Blue Shield identified that the misconfiguration enabled the sharing of protected health information with Google Ads, which may have been used for targeted advertising campaigns.

Details of Exposed Data

  • Insurance plan name, type, and group number
  • City and zip code
  • Gender and family size
  • Blue Shield identifiers for online accounts
  • Medical claim service details, including provider and patient information
  • "Find a Doctor" search criteria and results

Importantly, Blue Shield clarified that other sensitive information, such as Social Security numbers, driver's licenses, and financial data, was not compromised in this incident.

Recommendations for Members

Members are advised to remain vigilant by monitoring their account statements and credit reports for any unauthorized or suspicious activities. Despite the breach, Blue Shield has not yet offered identity theft protection services, and it remains uncertain if affected individuals will receive personal notifications.

Previous Incidents

This marks the second major IT security incident for Blue Shield of California within a year. Previously, nearly one million members' data was compromised by BlackSuit ransomware attackers who infiltrated the company's software provider, Connexure.
