Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

CareFirst says cyber attack stole data of 1.1 million users

Reprints
CareFirst says cyber attack stole data of 1.1 million users

(Reuters) — CareFirst BlueCross BlueShield, which sells health insurance in Maryland, Virginia and the District of Columbia, said on Wednesday that a cyber attack compromised the data of 1.1 million current and former members.

CareFirst, which has a total of 3.4 million customers, said that the breach took place in June 2014 but was only recently discovered as part of security efforts put in place after other insurers were hacked.

Anthem Inc., the second-largest U.S. insurer, said early this year that the records of 80 million people were accessed by hackers. In May, Premera Blue Cross said that 11 million customers' information may have been exposed in a hack.

CareFirst said that the attackers accessed one database and could have potentially acquired member user names created by individuals to use CareFirst's website, names, birth dates, email addresses and member identification numbers.

CareFirst has blocked member access to these accounts and has requested members to create new user names and passwords.

The company said the database is also used by nonmembers that access CareFirst's websites and online services.

Mandiant, the technology company that conducted the review, found no indication of any other prior or subsequent attack or that other personal information was taken, CareFirst said.

The database did not include Social Security numbers, medical claims, employment, credit card or financial information.

Read Next

  • St. Louis Fed hack could affect website's users

    The Federal Reserve Bank of St. Louis does not believe that its websites and its systems were compromised or hacked during an April 24 incident, a spokeswoman said Wednesday, but users who had tried to access the site that day are being advised that they may have been affected.