KPH A.I CyberSecurity Scoring
KPH
Company Information
Website:http://kaiserpermanentehealthcare.org
Employees number:19
Number of followers:144
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:kaiserpermanentehealthcare.org
KPH Risk Score (AI oriented)
Between 550 and 599
KPHHospitals and Health Care
Updated:
02/04/2026
02/04/2026
568/1000
Very Poor
Ca
KPH Global Score (TPRM)
xxxx
KPHHospitals and Health Care
Score locked

KPHVery Poor
Current Score
568Ca (VERY POOR)
01000
5 incidents
-174 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
580
JUNE 2026
575
MAY 2026
573
APRIL 2026
571
MARCH 2026
568
FEBRUARY 2026
564
JANUARY 2026
733
Breach
15 Jan 2026 • KPH
Kaiser Permanente: Kaiser Permanente reaches $46 million settlement over data breach — how to file your claim
Kaiser Permanente Data Privacy Breach Settlement
559
CRITICAL-174
KAI1768522711
Kaiser Permanente Settles $46M Over Unauthorized Sharing of Patient Data
U.S. healthcare provider Kaiser Permanente has agreed to a $46 million settlement following allegations that it shared sensitive patient data with third-party companies, including Google, Microsoft, Meta, and X, without consent. The settlement stems from multiple lawsuits filed in April and May 2024, which were consolidated into a class-action case.
Between November 2017 and May 2024, Kaiser’s websites and mobile apps allegedly used tracking code from services like Google Analytics and Meta Pixel, inadvertently transmitting members’ personal and health information such as IP addresses, names, search terms, medical histories, and communications with healthcare providers to these tech firms. While Kaiser denies wrongdoing and asserts no evidence of data misuse, the company opted to settle to avoid prolonged litigation.
The settlement covers approximately 13 million current and former Kaiser members in California, Colorado, Georgia, Hawaii, Maryland, Oregon, Virginia, Washington, and Washington, D.C. Eligible individuals have until March 12, 2026, to file a claim, with payments expected to range between $20 and $40 per person. The final court approval hearing is scheduled for May 7, 2025, after which payments will be distributed.
Kaiser removed the tracking code in 2024 and implemented additional security measures to prevent future incidents. While Social Security numbers and other highly sensitive data were not exposed, the breach highlights risks associated with third-party tracking tools in healthcare.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2025
733
NOVEMBER 2025
732
OCTOBER 2025
732
SEPTEMBER 2025
731
AUGUST 2025
731
OCTOBER 2017
663
Breach
09 Oct 2017 • KPH
Kaiser Foundation Health Plan, Inc.
Kaiser Foundation Health Plan Data Breach
605
LOW-58
KAI345072625
The California Office of the Attorney General reported that Kaiser Foundation Health Plan, Inc. experienced a data breach on October 9, 2017. The breach involved the inadvertent mailing of protected health information to another member. Approximately one affected individual was identified, and the information disclosed included the individual's name and prescription medication. A breach notification letter was also available.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2017
719
Breach
18 Sep 2017 • KPH
Kaiser Foundation Health Plan, Inc.
Kaiser Permanente Health Plan Data Breach (2017)
661
MEDIUM-58
KAI547091725
On September 21, 2017, Kaiser Permanente Health Plan experienced a data breach reported by the California Office of the Attorney General on October 20, 2017. The incident involved an operational error where personal health information intended for one member was inadvertently mailed to another member. The exposed data included member names and medical record numbers, but no financial information or extensive medical details were compromised. The breach was limited to a misdirection of physical mail, resulting in unauthorized access to basic personal and health identifiers. While the incident did not involve cybercriminal activity, malicious intent, or large-scale data exposure, it still posed a risk of privacy violations for the affected individuals. Kaiser Permanente likely took corrective measures to prevent similar errors in the future, including reviewing mailing protocols and reinforcing data handling procedures. The breach highlights the importance of safeguarding even seemingly low-sensitivity information, as improper disclosure can erode trust and potentially lead to identity-related risks.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
MAY 2013
715
Breach
16 May 2013 • KPH
Kaiser Foundation Health Plan, Inc.
Kaiser Foundation Health Plan Data Breach
658
HIGH-57
KAI642072625
The California Office of the Attorney General reported that Kaiser Foundation Health Plan, Inc. experienced a data breach on May 16, 2013. An employee accidentally emailed confidential member information, including personal details, to an unauthorized recipient. The breach was reported on September 11, 2013.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2011
762
Breach
26 Sep 2011 • KPH
Kaiser Foundation Health Plan
Kaiser Foundation Health Plan Data Breach
697
HIGH-65
KAI834072825
The California Office of the Attorney General reported that Kaiser Foundation Health Plan experienced a data breach on September 26, 2011, affecting confidential employee information, including names, Social Security Numbers, Dates of Birth, and addresses. The breach was reported on March 16, 2012.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for KPH ??
What was KPH's A.I Rankiteo Cyber Score in June 2026 ??
What was KPH's A.I Rankiteo Cyber Score in May 2026 ??
What was KPH's A.I Rankiteo Cyber Score in April 2026 ??
What was KPH's A.I Rankiteo Cyber Score in March 2026 ??
What was KPH's A.I Rankiteo Cyber Score in February 2026 ??
What was KPH's A.I Rankiteo Cyber Score in January 2026 ??
What was KPH's A.I Rankiteo Cyber Score in December 2025 ??
What was KPH's A.I Rankiteo Cyber Score in November 2025 ??
What was KPH's A.I Rankiteo Cyber Score in October 2025 ??
What was KPH's A.I Rankiteo Cyber Score in September 2025 ??
What was KPH's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on KPH's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with KPH ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view KPH's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?