NY Blues cyberattack affects 10M

New York insurer Excellus Blue Cross and Blue Shield has experienced a sophisticated cyberattack by hackers who may have gained access to over 10 million personal records.

Excellus discovered the attack on Aug. 5 and an investigation determined that it occurred on Dec. 23, 2013, according to a statement from Christopher Booth, the insurer's CEO. The hackers are believed to have had access to customers' names, dates of birth, Social Security numbers, mailing addresses, telephone numbers, member identification, financial account information and claims information, which would likely include medical data.

The attack affected about 7 million Excellus members and 3.5 million members of its non-Blues subsidiary, Lifetime Healthcare. 

Excellus has notified the FBI and is cooperating with the bureau's investigation.

“We have already taken aggressive steps to remediate our IT system of issues raised by this cyberattack,” Booth said.

The incident also affects members of other Blues plans who sought treatment in Excellus' 31-county upstate New York service area as well as individuals who do business with the insurer and have provided their financial account information or Social Security numbers.

An investigation by Excellus has not determined that any data was removed from the insurer's systems, and is there no evidence the compromised data has been used fraudulently.

Beth Walsh,

Editor

Editor Beth earned a bachelor’s degree in journalism and master’s in health communication. She has worked in hospital, academic and publishing settings over the past 20 years. Beth joined TriMed in 2005, as editor of CMIO and Clinical Innovation + Technology. When not covering all things related to health IT, she spends time with her husband and three children.

Around the web

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”

FDA Commissioner Robert Califf, MD, said the clinical community needs to combat health misinformation at a grassroots level. He warned that patients are immersed in a "sea of misinformation without a compass."