Menu
Health insurer CareFirst reveals cyberattack affecting 1.1 million

Health insurer CareFirst reveals cyberattack affecting 1.1 million

The breach is the third one disclosed this year by a large health insurer

CareFirst BlueCross BlueShield member ID card

CareFirst BlueCross BlueShield member ID card

A large US health insurer, CareFirst BlueCross BlueShield, has disclosed it fell victim to a cyberattack that affected about 1.1 million people.

The attack, which occurred in June last year, targeted a single database that contained information about CareFirst members and others who accessed its websites and services, the company said Monday.

The nonprofit has 3.4 million members, mostly around Maryland, Washington, D.C., and Northern Virginia.

"We were the subject of a cyberattack," a somber looking Chet Burrell, the company's CEO, says in a video posted to its website.

CareFirst said customer names, birth dates, user names, email addresses and subscriber ID numbers may have been stolen. The database did not contain Social Security numbers, medical claims or financial information, it said. And member passwords were encrypted and stored in a different system, CareFirst said.

The disclosure marks at least the third time this year that a large health insurance company has reported a data breach, and experts warn that medical records are increasingly sought by hackers.

Anthem, formerly known as Wellpoint, said in February that upwards of 78.4 million records were at risk after hackers accessed one of its databases. The breach exposed names, birth dates, Social Security numbers, addresses, phone numbers, email addresses and member IDs, as well as some employee records and income levels.

Five weeks after Anthem's disclosure, Premera Blue Cross said information including bank accounts and clinical data going back to 2002 may have been compromised in an attack that affected up to 11 million people.

Medical records are valuable for cybercriminals, who may use the information for fraud, or for more sophisticated purposes, such as nation-state spying.

Computer security experts have said the attacks against Anthem and Premera appeared to use similar tactics. In both cases, experts found evidence that the attackers set up domain names that slightly misspelled the company's names.

Those fake websites may have been used to spoof legitimate internal services offered by the companies in an attempt to steal login credentials that would yield access to their systems. CrowdStrike, which analyzes malware attacks, has said such tactics have been used by a suspected China-based group nicknamed Deep Panda.

CareFirst did not indicate who might behind its breach, but said the FBI was notified.

CareFirst's breach was uncovered last month by Mandiant, computer security company FireEye's investigative services breach. It was hired to scan CareFirst's systems in light of the attacks against other health insurers.

The company is offering two years of free credit monitoring to those affected, who will be notified by letter. Some online accounts have been blocked and members will be prompted to create new user names and passwords.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags CareFirst BlueCross BlueShieldsecurity

Featured

Slideshows

Educating from the epicentre - Why distributors are the pulse checkers of the channel

Educating from the epicentre - Why distributors are the pulse checkers of the channel

​As the channel changes and industry voices deepen, the need for clarity and insight heightens. Market misconceptions talk of an “under pressure” distribution space, with competitors in that fateful “race for relevance” across New Zealand. Amidst the cliched assumptions however, distribution is once again showing its strength, as a force to be listened to, rather than questioned. Traditionally, the role was born out of a need for vendors and resellers to find one another, acting as a bridge between the testing lab and the marketplace. Yet despite new technologies and business approaches shaking the channel to its very core, distributors remain tied to the epicentre - providing the voice of reason amidst a seismic industry shift. In looking across both sides of the vendor and partner fences, the middle concept of the three-tier chain remains centrally placed to understand the metrics of two differing worlds, as the continual pulse checkers of the local channel. This exclusive Reseller News Roundtable, in association with Dicker Data and rhipe, examined the pivotal role of distribution in understanding the health of the channel, educating from the epicentre as the market transforms at a rapid rate.

Educating from the epicentre - Why distributors are the pulse checkers of the channel
Kiwi channel reunites as After Hours kicks off 2017

Kiwi channel reunites as After Hours kicks off 2017

After Hours made a welcome return to the channel social calendar last night, with a bumper crowd of distributors, vendors and resellers descending on The Jefferson in Auckland to kickstart 2017. Photos by Maria Stefina.

Kiwi channel reunites as After Hours kicks off 2017
Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Show Comments