New York insurance provider Excellus BlueCross BlueShield recently revealed that hackers infiltrated their computer systems and those belonging to some of its affiliates. The breach put more than 10 million members’ personal information at risk.
Excellus said it first became aware of the incident on August 5 at which time it notified the FBI and reached out to FireEye’s Mandiant incident response division to conduct an assessment of its IT systems. Attackers may have had access to sensitive information including names, birth dates, addresses, Social Security numbers, mailing addresses, phone numbers, member identification numbers, financial account information and claims information.
The insurer said it has begun the process of notifying affected individuals. What’s more, Excellus will provide those at risk with two years of free identity theft protection services via Kroll and credit monitoring via TransUnion.
Medical-related cyber attacks are quickly becoming a common occurrence. The largest in recent memory was an attack against Anthem in February in which 80 million personal records were compromised. As CNET adds, there have been numerous smaller attacks as well.
In June, an employee with Montefiore Medical Center was indicted for helping steal 12,000 health-related records. A month later, the UCLA Health System said hackers managed to access 4.5 million patient records.
Those affected by the breach can visit the company’s website to view a FAQ on the matter and to register for the identity theft and credit monitoring services.