Aetna Inc. will offer free credit monitoring for a year to about 65,000 people after some e-mails were copied from the health insurer’s job application Web site.
Hartford, Conn.-based Aetna said Social Security numbers of current and former employees and people who received job offers from the company were stored on the Web site, which was maintained by an outside vendor.
Most of the information was from current and former employees. For people who received job offers, the site also stored phone numbers, addresses and employment histories.
Aetna has no reports that this information or the Social Security numbers were copied, spokeswoman Cynthia Michener said.
“We know for certain that the e-mails were accessed, we don’t know whether or not anything else was accessed,’’ she said. “But we’re erring on the side of caution, we want people to know.”
The site held e-mail addresses for about 450,000 people who had applied for jobs or submitted resumes to the company, but Michener said they don’t know how many were copied. Some people left their e-mails on the site so they could be notified if an opening came up that matched their skills.
Michener said some of these e-mails were copied from the site and then used to contact applicants. She said Aetna hired an outside company to perform a “thorough forensic review” of the site, but they haven’t been able to pinpoint how the breach happened.
The managed care company first heard about the problem in early May, when it received complaints from applicants who received phony e-mails that told them they had a job offer or asked for personal information like addresses and telephone numbers.
Aetna immediately shut down the Web site and started investigating, Michener said. It posted a warning on its main Web site, www.aetna.com, that the e-mails were not coming from the health insurer.
The insurer then sent out letters with the offer of free credit monitoring last week.