Data Protection Academy » Data Protection News » Swiss health insurance company CSS sent billing data to wrong customers

Data breach

Swiss health insurance company CSS sent billing data to wrong customers

Date: 27.08.2019

Responsible body: Swiss health insurance CSS

Type of data mishap: billing data sent to the wrong customers

Data breach at CSS, once again thousands of billing data have been sent to wrong customers via the online portal of the Swiss health insurance CSS. In the process, complete strangers have had access to the highly sensitive health data of others. According to projections, this could have affected about 12,000 accounts per year.

The health insurance company has already taken measures to ensure that this mistake is not repeated. However, the Office of the Federal Data Protection Commissioner sees no need for further action for the time being.

Categories of data concerned: Health data

Classification in practice: Highly sensitive data

Country: Switzerland (safe third country)

Back to the overview of the data breaches

Nadine Porrmann
Latest posts by Nadine Porrmann (see all)

This might interest you too:

Data protection Data breach

Data breach at Klarna: Third party data visible

Entering a postcode and e-mail was sufficient to view third party data. The autofill function is to blame.
Data protection Data breach

Data breach Microsoft customer records leaked

In December 2019, 250 million support requests to Microsoft were available online for two days. Security researchers reported the data breach to Microsoft.
Data protection Data breach

Massive data breach at car rental company Buchbinder

Over 2.5 million German customers affected. High potential for abuse, use your right to information and ask if you are affected.