Is Covered California a government entity, for profit, non profit, other...? Not that it matters.
"Leak" is not the right term. By default a "website" is a 404. Throw some HTML on there and users can see something. Adding LinkedIn tracking is a deliberate choice. Calling the data "leaked" is like saying a raft sprung a "leak" when the person in the raft punctured it 60 times (number of trackers). The data was shared and pushed to LI, on purpose. They (Covered CA) installed LinkedIn's code on their site. The code did exactly what it was intended to do, send data to LinkedIn.
A leak is accidental, this was a choice by Covered CA.
"Leak" is not the right term. By default a "website" is a 404. Throw some HTML on there and users can see something. Adding LinkedIn tracking is a deliberate choice. Calling the data "leaked" is like saying a raft sprung a "leak" when the person in the raft punctured it 60 times (number of trackers). The data was shared and pushed to LI, on purpose. They (Covered CA) installed LinkedIn's code on their site. The code did exactly what it was intended to do, send data to LinkedIn.
A leak is accidental, this was a choice by Covered CA.