Particle.news
Download on the App Store
6 ARTICLES
·
4d ago

Blue Shield of California Breach Exposed 4.7 Million Members’ Health Data to Google

A Google Analytics misconfiguration caused years-long sharing of sensitive patient information, raising concerns over data misuse and privacy protections.

LOS ANGELES, CA - MARCH 31: General view of an advertisement billboard for Blue Shield of California during a regular season game between the Arizona Diamondbacks and Los Angeles Dodgers on March 31, 2023, at Dodger Stadium in Los Angeles, CA. (Photo by Brandon Sloter/Icon Sportswire via Getty Images)
Image
Image
Image

Overview

  • Blue Shield of California disclosed that private health data of 4.7 million members was shared with Google from April 2021 to January 2024 due to a misconfigured Google Analytics integration.
  • The exposed data included sensitive details such as patient names, medical claim dates, service providers, insurance information, and search terms used on Blue Shield’s website.
  • The breach represents the largest healthcare-related data incident of 2025, as confirmed by the U.S. Department of Health and Human Services.
  • Blue Shield severed the Google Analytics connection in January 2024 but only realized in February 2025 that protected health information had been included in the shared data.
  • It remains unclear whether Google has deleted the data or if Blue Shield will provide identity protection services to affected members.