Excellus announces that it has been hit by a major data breach
Excellus BlueCross BlueShield, a prominent health insurance company operating in the United States, has announced that it has fallen victim to a data breach. The cyber attack affected Excellus as well as several of its affiliates, which may have lead to the information of some 10.5 million people being compromised. According to Excellus CEO Christopher Booth, the company was targeted by a “very sophisticated” cyber attack, making Excellus one of the most recent insurers to fall victim to a major data breach.
Some 10 million people may have been affected by the cyber attack
According to Excellus, the information stolen during the data breach includes names, birth dates, Social Security numbers, mailing addresses, telephone numbers, financial account information, and claims information. This makes the data breach yet another major attack that the insurance industry has had to deal with in recent history. Excellus is the fourth major health insurance company to announce a major data breach since the beginning of this year. Other insurers have been hit by attacks that were greater in scope.
Several other insurers have been targeted by cyber attacks
In February of this year, Anthem BlueCross BlueShield announced that it had been subject of a major data breach, during which the medical records of some 80 million people were compromised, with this information dating as far back as 2004. In March, Premera Blue Cross become the next health insurance company to be hit by at cyber attack, with another attack targeting CareFirst BlueCross BlueShield in May. Those responsible for these cyber attacks were believed to have had support from the Chinese government.
Excellus is working to help resolve the issues associated with the data breach
Following the data breach, Excellus will be providing those affected by the attack with two years of free credit monitoring services, as well as identity theft protection services. The health insurance company is currently working to contact those that have been affected by the data breach, looking to inform these people of what options they can take to resolve any issues they may have.