Blue Shield of California shared private health data of 4.7 million members with Google without consent

Serving tech enthusiasts for over 25 years.

TechSpot means tech analysis and advice you can trust.

A hot potato: Health insurance provider Blue Shield of California is notifying customers that it had been sharing the private health information of up to 4.7 million members with Google’s analytics and advertising platforms for three years without their knowledge or consent. A wide range of data was exposed, and it may have been used by Google for targeted ad purposes.

Blue Shield of California wrote on its website that it has begun notifying certain members of a potential data breach that may have included elements of their protected health information.

The issue stems from Blue Shield using Google Analytics to internally track website usage of members who entered certain Blue Shield sites.

On February 11, 2025, Blue Shield discovered that, between April 2021 and January 2024, a misconfiguration of Google Analytics on certain Blue Shield sites allowed members’ sensitive health data to be shared with Google Ads.

The shared data may have included insurance plan details, addresses, gender, family size, Blue Shield-assigned account identifiers, financial responsibility info, and search queries and results for the “Find a Doctor” tool (location, plan name and type, provider name and type).

The notice adds that Google may have used this data to carry out targeted ad campaigns against individual members. That’s certainly unnerving when private, personal health details are being exploited.

Blue Shield says it ended its relationship with Google Analytics and Google Ads on its websites in January 2024.

Blue Shield writes that Social Security numbers, driver’s license numbers, and banking or credit card information were not disclosed. However, it’s recommended that members closely review their account statements and credit reports for anything suspicious. There are also recommendations to order a free credit report and place a fraud alert on it.

Companies tend to offer free identity fraud and theft protection in cases like these, but there’s no mention of Blue Shield offering these services. The notice’s “What we are doing” section simply states that Blue Shield “regrets” what happened; there’s no actual apology.

Blue Shield isn’t the first healthcare firm to make this mistake. As noted by TechCrunch, insurance giant Kaiser said it shared the data of 13 million patients with advertisers, including Google, Microsoft, and X, after embedding tracking code on its website. Cerebral, Monument, and Tempest also shared patients’ personal and health information with advertisers.

Masthead: Steve Rhodes

Laine Menjivar
Read More

Latest

How to Bet on Soccer: World Cup Betting Guide and Strategies

Soccer This page may contain affiliate links to legal...

Akor Adams transfer: Venezia chief in Spain as Sevilla star nears record-breaking move

Soccer Venezia have stepped up their efforts to sign...

I regret not joining Liverpool – 98-cap Super Eagles star laments

Soccer Nigeria players. Copyright: Imago Super Eagles and Paris FC...

Newsletter

Don't miss

Breitbart Business Digest: Stacking Those $250 Trump Bills

Weekly Wrap: Making It Rain with Trump Bills Welcome back to Friday! This is the Breitbart Business Digest weekly wrap, our septidialogic sweep through the economic and financial news. This week the economy failed to get indigestion from the high price of gas, Treasury Secretary Scott Bessent told us about getting fed at the Fed, Trump

Business seminar in Munich highlights Hong Kong’s strategic roles amidst global shifts (with photos)

Business seminar in Munich highlights Hong Kong's strategic roles amidst global shifts (with photos) ******************************************************************************************      The Hong Kong Economic and Trade Office, Berlin (HKETO Berlin), promoted Hong Kong's unique advantages and strategic roles at the seminar "Hong Kong's strategic role amidst geopolitical tensions" on June 18 (Munich time) in Munich, Germany.             Senior executives, investors

AI for business services: From job fears to productivity

AI for business services: From job fears to productivity