"While we don't believe this information has been used inappropriately, out of abundance of caution and in transparency, we are disclosing an ongoing search for the hard drives," Centene CEO Michael Neidorff said in a statement.
Centene, a Fortune 500 company that reported $16 billion in revenue in 2014, operates health plans for 2.9 million members in 21 states.
The hard drives contained the personal health information of customers who received laboratory services from 2009 to 2015. The personal information on its customers includes their name, address, date of birth, Social Security number, member ID number and health information.
The hard drives do not include any financial or payment information, Centene stated.
Neidorff said the hard drives were part of a data project using laboratory results "to improve the health outcomes of our members."
The St. Louis-based company said it will notify customers who could be affected by a data breach and it will offer free credit and healthcare monitoring service to them.
Additionally, Centene said it is in the process of reinforcing and reviewing its procedures related to managing its IT assets.