Data Protection Academy » Data Protection News » Swiss health insurance company CSS sent billing data to wrong customers

A computer screen showing a programming language on black and white.

Data breach at CSS: Billing data sent to wrong customers

Date: 27.08.2019

Responsible body: Swiss health insurance CSS

Nature of the data breach: Swiss health insurer CSS sends thousands of statements to wrong customers

Data breach at CSS, once again thousands of billing data have been sent to wrong customers via the online portal of the Swiss health insurance CSS. In the process, complete strangers have had access to the highly sensitive health data of others. According to projections, this could have affected about 12,000 accounts per year.

The health insurance company has already taken measures to ensure that this mistake is not repeated. However, the Office of the Federal Data Protection Commissioner sees no need for further action for the time being.

Categories of data concerned: Health data

Classification in practice: Highly sensitive data

Country: Switzerland (safe third country)

Sourcesrf.ch

Back to the overview of the data breaches

Book demo

Nadine Porrmann
Latest posts by Nadine Porrmann (see all)

This might interest you too:

Data breach at Klarna: Third party data visible

Entering a postcode and e-mail was sufficient to view third party data. The autofill function is to blame.
Read more

Data breach Microsoft customer records leaked

In December 2019, 250 million support requests to Microsoft were available online for two days. Security researchers reported the data breach to Microsoft.
Read more

British government published private addresses of stars

The British government publishes the addresses of around 1000 celebrities, politicians and private individuals who receive the traditional New Year's honours.
Read more