10 million+ members’ data leaked after system breach of Rochester-based New York health insurer.

Excellus BlueCross BlueShield, an upstate New York health insurer, informed media on Wednesday that computer systems of its own and those of its affiliates were breached. As a result, data of more than 10million members got exposed.

us-based-health-insurer-hacked-10-million-customers-affected-1

As per the insurer’s claim, the firm and its affiliates have become the target of a very sophisticated cyber-attack, which occurred on Aug 5. Reportedly, the firm is taking all the necessary steps to counter the problems created after the hack and also offering free identity theft protection service to affected members.

The company posted a notice on its website that read: “We worked closely with Mandiant, one of the world’s leading cyber security firms, to conduct our investigation and to remediate the issues created by the attack on our IT systems.”

Image Credit: Excellus BlueCross BlueShield
Image Credit: Excellus BlueCross BlueShield

The firm hired experts to conduct a forensic analysis of all the computer systems after the hack attacks, which revealed that the attacks initially happened in December 2013.

The data exposed may include crucial personal details such as names, date of birth, mailing address, member identification code, Social Security number, telephone/mobile number, financial account information and/or claims information.

According to Reuters, Jim Redmond, Excellus’ spokesperson, states: “The investigation has not determined that any such data was removed from our systems and there is no evidence to date that any data has been used inappropriately.”

People from around 31 upstate New York counties, Rochester and Buffalo markets were being served by Excellus and its affiliate Lifetime Healthcare firms. Cumulatively, 7million Excellus members and 3.5million members of its affiliates got affected.

In its official statement, the FBI explained“The FBI is investigating a cyber intrusion involving Lifetime Healthcare Companies, which include Excellus BlueCross BlueShield, and will work with the firms to determine the nature and scope of the matter.”

Excellus BlueCross BlueShield has a history of getting in trouble. In past, the firm was accused of several health care frauds. Click here to go through their previous offences.

The culprits behind this attack are still unknown. However, the usual suspects FBI goes for is either China or Russia. 

In may 2015, CareFirst Blue Cross and Blue Shield were among the hacked medical insurers with data theft of about1.1 million customers.

Suggest ideas, report typos and corrections to admin@hackread.com 

Ryan De Souza

Ryan is a London-based member of the HackRead's Editorial team. A graduate of Maths and physics with a passion for geopolitics and human rights. Ryan places integrity at the pinnacle of successful journalism and believes this is somewhat lacking in traditional media. Ryan is an educator who balances his time between family, social activism and humanitarian causes and his vice is Football and cars.