Health insurers step up security, scrub websites of leadership information

The killing of UnitedHealthcare CEO Brian Thompson is spurring other major health companies to remove the photos of executives from their websites, close buildings and even switch to a virtual investor day rather than an in-person public event. 

Amid rising security concerns, companies have removed previously public information from their websites.

UnitedHealth Group, the parent company of UnitedHealthcare, has removed the “Our Leaders” webpage showing the photos and bios of its top executives. 

Elevance, previously known as Anthem, now redirects its “Senior Leadership” page to the company’s home page. 

The website for Humana’s board of directors now leads to a contact form with no information about its members. 

CVS Health, which owns insurer Aetna, no longer includes any pictures of its leadership team.  

Corporate security consultants said removing identifying information like photos is a good step for companies to take if they’re worried about risks, though in this case that information is mostly already public. 

“That’s all findable,” said Drew Neckar, a principal consultant at Cosecure, a security and risk management company. “Even more importantly is ensuring that you’ve scrubbed kind of the personal details for executives that are out there on the web.” 

Chris Pierson, CEO of BlackCloak, which provides private digital security for C-suite executives and their families, noted companies can sometimes make too much information public in an attempt to humanize executives. 

“Things that are meant to deliver trust and confidence in the executives, humanize them … can be used for ill will,” Pierson said. “And so reducing and mitigating the amount of things that are out there is absolutely something that should be examined.” 

Pierson added that even though the companies’ information had long been public, they did not act too late when it was taken down. 

“There’s absolutely no risk of removing it now and stopping that forward, ongoing potential for the next adversary that’s out there,” Pierson said.  

Thompson was fatally shot Wednesday morning by an unknown gunman outside a hotel in midtown Manhattan, where UnitedHealth Group was holding its annual investor conference. The event was called off shortly after company leaders learned of the killing.  

Police said Thompson was targeted, but there is not yet speculation on a motive. The gunman left behind shell casings with the words “deny,” “delay” and “depose” on them, which are often used by critics of the health insurance industry’s strategy for denying claims for customers.   

Dave Komendat, president of DSKomendat Risk Management Services and a former chief security officer at Boeing, said health care is an industry where company leaders will often face threats. 

“Anytime you have a service or a product that can create a significant emotional response from someone, if that service or product doesn’t go according to plan, [it] creates risk,” Komendat said.  

Other insurance companies took further steps for security. 

Midwest-focused health insurer Medica temporarily closed its headquarters in Minnetonka, Minn., the same Minneapolis suburb where UnitedHealth has its corporate base. 

A spokesperson told The Minnesota Star Tribune that the office would be closed through at least Dec. 13 “out of an abundance of caution.”  

And Centene, which is one of the largest Medicaid insurers, was scheduled to hold its investor conference at the New York Stock Exchange next week. The company said “in the wake of the tragic loss of UnitedHealthcare’s CEO Brian Thompson” it will now be hosting an online event instead.  

“All of us at Centene are deeply saddened by Brian Thompson’s death and want to express our support for all of those affected. Health insurance is a big industry and a small community; many members of the CenTeam crossed paths with Brian during their careers,” Centene CEO Sarah M. London said in a statement.  

Centene had no photos of its executives on its website Friday. 

But aside from removing photos and changing an in-person event, other insurance companies on Friday — including CVS/Aetna, Humana, and Kaiser Permanente — did not comment on any additional changes to security they may be making. 

Komendat said he expects companies will react more once police can ascertain a motive for the shooting, but some executives may not want to wait.  

“I think the motive is going to be important,” Komendat said. “But I also think that regardless of the motive, there is going to be a certain population of the C-suite who does not want to have to look over their shoulder, who does not want to have to walk down the street and be afraid, and that can be mitigated to some degree by knowing that they have an effective security program.”