CareFirst BlueCross BlueShield Hit by Cyberattack Affecting 1.1 Million Members

8098265_lCareFirst BlueCross BlueShield was the target of a cyber attack affecting 1.1 million current and former members, the Owings Mills, Maryland, health insurance provider disclosed Wednesday.

The nonprofit health insurer, which serves 3.4 million individuals and groups in Maryland, D.C. and Northern Virginia, said a single database was breached June 19, 2014. It said hackers may have had access to users’ names, birth dates, email addresses and subscriber identification numbers.

In light of previous cyberattacks on health insurers (most famously Anthem Inc.), CareFirst engaged Herndon-based cybersecurity firm Mandiant to conduct an examination of its IT systems. That investigation uncovered evidence of the attacks, though no other data breaches were detected. Traces of the attack were first detected on April 21, 2015.

He added that the attacks were sophisticated enough to go completely undetected by the company’s own security efforts, saying only traces of evidence remain from the attacks.

“We have constant monitoring going on, every second of every day, but the nature of this attack was sophisticated enough that we couldn’t detect it,” he said.


Share Button
This entry was posted in NEWS, Security and tagged , , . Bookmark the permalink.