© 2020 Content on this site provides general information relating to health and is not intended to be a substitute for consultation
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations
Health Coverage

Latest Health Insurance Hack May Affect 10.5 Million People

Side Effects Public Media | By Michelle Faust
Published September 9, 2015 at 5:16 PM EDT

The personal details of approximately 10.5 million health insurance customers have been exposed by the latest cyber-attack on the health care industry.

Excellus Blue Cross Blue Shield and Lifetime Health Companies, upstate New York's largest health insurer, discovered the attack on August 5th this year. The cyberattack exposed information like birthdates and social security numbers, and also patients’ member identification numbers, financial account information and claims information.

Insurers learned the information was compromised while doing a forensic assessment of IT systems, prompted by similar breeches among other health care companies.

The health insurers waited a month after the discovery before disclosing the breech but this is not uncommon, explains Andy Meneely, an assistant professor of software engineering at the Rochester Institute of Technology.

"If you disclose that you were hacked immediately after it happens, then you’re just inviting more hackers," he says. "So, they really had to make sure that they were secure."

The company’s website says the initial attack happened in December of 2013.

The health care sector has accounted for more than 20 percent of data breaches this year according to digital security company, Gemalto.

Excellus notified the FBI and is cooperating with the bureau’s investigation.

“Protecting personal information is one of our top priorities and we take this issue very seriously,” said Christopher Booth, the corporation’s chief executive officer. 

Excellus is beginning to mail letters to affected individuals today and is providing two years of free identity theft protection services through Kroll, a company involved in risk mitigation.

A dedicated call center at 1-877-589-3331 has been set up for members and other affected individuals. The company has also established a dedicated website (www.excellusfacts.com), where members and other affected individuals can view frequent questions and answers and sign up for the free credit monitoring service and identity theft protection services.
Tags
Access to Care health insurancecybersecurity
Michelle Faust
Michelle Faust, MA, is a reporter/ producer whose work focuses strongly on issues related to health and health policy. She joined the WXXI newsroom in February 2014, and in short time became the lead producer on the Understanding the Affordable Care Act series. Michelle is a reporter with Side Effects and regularly contributes to The Innovation Trail. Working across media, she also produces packages for WXXI-TV’s weekly news magazine Need to Know.
See stories by Michelle Faust