Kaiser Permanente announced on Monday that it is alerting millions of its members and patients about a data transfer to technology firms that may have included some of their personal details. This data was sent to third-party vendors Google, Microsoft Bing, and X (formerly Twitter) when members and patients used Kaiser’s websites or mobile apps.

The healthcare organization stated that it is informing 13.4 million current and former members about the breach. However, the information disclosed did not include usernames, passwords, Social Security numbers, financial account details, or credit card numbers. Instead, it was limited to IP addresses, names, indicators that a member or patient was logged into a Kaiser Permanente account or service, details showing their interactions and navigation on the website and mobile apps, and the search terms used in the health encyclopedia.

“Kaiser Permanente is not aware of any misuse of any member’s or patient’s personal information,” the company said in a statement. “Nevertheless, out of an abundance of caution, we are informing approximately 13.4 million current and former members and patients who accessed our websites and mobile applications. We apologize that this incident occurred.”

Kaiser is currently conducting an internal investigation into the breach.