WellPoint Inc., the largest health insurer by membership in the U.S, reported yesterday that personal data of about 128,000 of its customers was exposed online over the past year.

This information from customer in different states may have included social security numbers, pharmacy or medical data and member ID numbers, according to the company. However, the problem was fixed and the company is notifying customers according to Shannon Troughton a spokeswoman for WellPoint.

We're constantly working to fortify and bolster our security, she added commenting that WellPoint is still using the same vendor.

The company said that the problem was originated in two Internet servers maintained by third-party vendors.

The health insurer has offered free credit-monitoring services for affected customers but has not received reports of credit fraud or identity theft.

In October 2006, WellPoint had security problems when back-up tapes were stolen from a computer with information of about 200,000 members. In 2007, a compact disc containing unprotected information was lost with information of about 75,000 customers.