Security Breach Puts 500,000 BlueCross Members' Data at Risk
The theft of 57 hard drives from a BlueCross BlueShield of Tennessee training facility last October has put at risk the private information of approximately 500,000 customers in at least 32 states, the insurer said this week in an investigation update.
The hard drives containing 1.3 million audio files and 300,000 video files related to coordination of care and eligibility telephone calls from providers and members were reportedly stolen from a leased office in a Chattanooga strip mall that once housed a BCBS of TN call center. The video files were images from computer screens of customer service representatives and the audio files were recorded phone conversations from Jan. 1, 2007 to Oct. 2, 2009.
The files contained customers' personal data and protected health information that was encoded but not encrypted, including:
- Names and BlueCross ID numbers.
- In some recordings–but not all—diagnostic information, date of birth, and/or a Social Security number. BCBS of TN estimates that the Social Security numbers of approximately 220,000 customers may be at risk.
"Law enforcement agencies working on the investigation of the theft are regularly monitoring activity on Web sites known to participate in illegal identity theft activities, as well as online marketplace and community networks. To date, there is no evidence any member's data has been accessed and used as a result of the theft," BCBS of TN said in a media announcement.
- CEO Exchange: Preparing for Population Health
- Interventional Radiology No Longer a Sub-Specialty
- Advocate, NorthShore Deal Would Create 16-Hospital System
- Top Reason for Nurse Turnover: Managers
- CEO Exchange: Pressure is On to Partner, Drive Quality
- Power of price: In South FL and the nation, healthcare costs often are shrouded in secrecy
- Two NY hospitals to offer free hip and knee replacement surgeries for qualifying patients in December
- Hospital mergers may lead to higher prices
- House OKs Cassidy's 'keep your plan' bill
- Healthcare data of 1 million NJ patients compromised since 2009