Data Theft In Insurer Blue Cross Compromises Health Information Of Thousands Of People
The non-profit mutual insurance organization Blue Cross of Idaho has confirmed that, in recent days, an unidentified user managed to access its taxpayer portal to extract confidential information from almost 6,000 people.
Through a statement, the insurer mentioned: "On March 21, an unauthorized user accessed the Blue Cross of Idaho taxpayer portal; the unknown user tried to deflect a financial transaction fraudulently. The attack was detected in time and our security teams are monitoring the portal.
However, the next day Blue Cross confirmed that, during the incident, the attacker gained access to financial documents of some contributors that even contain personal health details, said the experts of the computer security course.
The information to which the unauthorized user had access includes names of the members
- Member number or subscription
- Date of service
- Name of the health care provider
- Patient account number
- Among others
Social security numbers, driver's license numbers, payment card details or health diagnoses have not been compromised in this incident.
The insurer reported the incident to the US federal authorities. In addition, after an internal investigation, the organization stated: "We believe that the attacker could have accessed about 1% of the total records of Blue Cross of Idaho."
Blue Cross, together with the FBI , will maintain the surveillance of the insurer's portal of taxpayers before the possibility of new cyber attacks, the specialists of the computer security course comment.
So far the company does not have evidence to confirm a malicious use of the information committed, although they have already announced some measures for the protection of its members; Blue Cross will start by resetting the subscription numbers of the affected users, and Blue Cross offers potentially affected users three years of free credit monitoring services.