Skip to main content
Subscribe
  • Sign Up Free
  • Login
  • Subscribe
  • News
    • Current News
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • Digital Health
    • Transformation
    • ESG
    • People
    • Regional News
    • Digital Edition (Web Version)
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Midwest
    • Northeast
    • South
    • West
  • Blogs
    • AI
    • Deals
    • Layoff Tracker
    • HIMSS 2023
  • Opinion
    • Breaking Bias
    • Commentaries
    • Letters
    • From the Editor
  • Events & Awards
    • Awards
    • Conferences
    • Galas
    • Virtual Briefings
    • Webinars
    • Nominate/Eligibility
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • Best Places to Work in Healthcare
    • Excellence in Governance
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top 25 Emerging Leaders
    • Top Innovators
    • Diversity in Healthcare
      • - Luminaries
      • - Top 25 Diversity Leaders
      • - Leaders to Watch
    • Women in Healthcare
      • - Luminaries
      • - Top 25 Women Leaders
      • - Women to Watch
    • Digital Health Transformation Summit
    • ESG: The Implementation Imperative Summit
    • Leadership Symposium
    • Social Determinants of Health Symposium
    • Women Leaders in Healthcare Conference
    • Best Places to Work Awards Gala
    • Health Care Hall of Fame Gala
    • Top 25 Diversity Leaders Gala
    • Top 25 Women Leaders Gala
    • - Hospital of the Future
    • - Value Based Care
    • - Hospital at Home
    • - Workplace of the Future
    • - AI and Digital Health
    • - Future of Staffing
    • - Hospital of the Future (Fall)
  • Multimedia
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Sponsored Video Series - One on One
    • Sponsored Video Series - Checking In with Dan Peres
  • Data & Insights
    • Data & Insights Home
    • Hospital Financials
    • Staffing & Compensation
    • Quality & Safety
    • Mergers & Acquisitions
    • Data Archive
    • Resource Guide: By the Numbers
    • Surveys
    • Data Points
  • Newsletters
  • MORE+
    • Contact Us
    • Advertise
    • Media Kit
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Technology
September 09, 2015 12:00 AM

Cyberattack on New York Blues plan Excellus affects 10 million

Adam Rubenfire
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print

    (Story updated at 6:50 p.m. ET.)

    Excellus Blue Cross and Blue Shield, a Rochester, N.Y.-based insurer, disclosed Wednesday afternoon that it was the victim of a sophisticated cyberattack by hackers who may have gained access to over 10 million personal records.

    Christopher Booth, the insurer's CEO, said in a message to customers that Excellus discovered the attack on Aug. 5 and an investigation determined that it occurred on Dec. 23, 2013. The hackers are believed to have had access to customers' names, dates of birth, Social Security numbers, mailing addresses, telephone numbers, member identification, financial account information and claims information, which would likely include medical data.

    The attack affected about 7 million Excellus members and 3.5 million members of its non-Blues subsidiary, Lifetime Healthcare Cos. The company is notifying affected customers and offering identity theft protection through Kroll, a risk mitigation and response solution company, including credit monitoring through TransUnion.

    The attack falls within the top 20 worst healthcare breaches ever reported by a healthcare organization, according to the HHS breach list, colloquially known as the industry “wall of shame.” Excellus said it has notified the FBI and is cooperating with the bureau's investigation.

    “We have already taken aggressive steps to remediate our IT system of issues raised by this cyberattack,” Booth said in a statement.

    As with other Blue Cross and Blue Shield affiliates that have been hacked, the incident also affects members of other Blues plans who sought treatment in Excellus' 31-county upstate New York service area. It also affects individuals who do business with the insurer and have provided their financial account information or Social Security numbers.

    An investigation by Excellus has not determined that any data was removed from the insurer's systems, nor is there evidence that the compromised data has been used fraudulently.

    Blues insurers have recently been the targets of major cyberattacks, including Washington, D.C.-based CareFirst Blue Cross and Blue Shield, Seattle-based Premera Blue Cross and Indianapolis-based Anthem, which was the victim of the largest cyberattack ever disclosed by a healthcare company, affecting about 80 million current and former members.

    In recent survey of over 100 payer organizations by consulting firm KPMG, 69% said their systems have been compromised by malware in the past 12-24 months. Only 18% said their networks had not been compromised in the last 1-2 years, despite 44% of payers reporting that they feel near “completely ready” to defend against a concerted cyberattack.

    Some experts have hypothesized that the specific goal of the hackers has been to obtain information on federal employees, who make up a up a notable portion of the 106 million Americans covered by various Blue Cross and Blue Shield companies. The breach of clinical data, which may have occurred in this case, can pose a particularly costly threat to insurers and their customers.

    But Mac McMillan, an IT healthcare security expert and founder of CynergisTek, an Austin, Texas-based security consultancy, said Blues affiliates are more likely in the spotlight for these attacks because they’ve probably been proactive in looking for past breaches following the Anthem attack. It’d be unfair to speculate that BCBS affiliates are a target for hackers or less secure, he said.

    “I don’t think this is an anomaly or this should be a surprise to anybody,” McMillan said. “I think the Blues are finding it because the Blues have gotten their nose bloodied and they’re looking to address it and finding it now. Every insurer should be looking and i’m willing to bet there’s a lot more we don’t know about.”

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    doctor_patient_tablet_getty_i_i.jpg
    How AI may influence pain medication prescriptions
    Amir Dan Rubin
    Amazon's One Medical CEO to step down later this year
    Most Popular
    1
    CMS tries luring providers to revamped Medicare ACOs
    2
    Oregon joins other states in setting ratios for nurse staffing
    3
    Blue Shield CA taps Amazon, Mark Cuban, CVS for new PBM model
    4
    A health innovation hub grows in Lake Nona Medical City
    5
    Hospital-at-home providers push for Medicaid coverage
    Sponsored Content
    Digital Health Intelligence Newsletter: Sign up to receive a twice-weekly (T, F) morning newsletter featuring the latest reporting on technologies, trends, players and money fueling the rapid changes in how healthcare is developed, paid for and delivered.
    Get Newsletters

    Sign up for enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today
    MH Magazine Cover

    MH magazine offers content that sheds light on healthcare leaders’ complex choices and touch points—from strategy, governance, leadership development and finance to operations, clinical care, and marketing.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS

    Our Mission

    Modern Healthcare empowers industry leaders to succeed by providing unbiased reporting of the news, insights, analysis and data.

    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Help Center
    • Advertise with Us
    • Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2023. Crain Communications, Inc. All Rights Reserved.
    • News
      • Current News
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • Digital Health
      • Transformation
        • Patients
        • Operations
        • Care Delivery
        • Payment
      • ESG
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition (Web Version)
    • Blogs
      • AI
      • Deals
      • Layoff Tracker
      • HIMSS 2023
    • Opinion
      • Breaking Bias
      • Commentaries
      • Letters
      • From the Editor
    • Events & Awards
      • Awards
        • Nominate/Eligibility
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • Best Places to Work in Healthcare
        • Excellence in Governance
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top 25 Emerging Leaders
        • Top Innovators
        • Diversity in Healthcare
          • - Luminaries
          • - Top 25 Diversity Leaders
          • - Leaders to Watch
        • Women in Healthcare
          • - Luminaries
          • - Top 25 Women Leaders
          • - Women to Watch
      • Conferences
        • Digital Health Transformation Summit
        • ESG: The Implementation Imperative Summit
        • Leadership Symposium
        • Social Determinants of Health Symposium
        • Women Leaders in Healthcare Conference
      • Galas
        • Best Places to Work Awards Gala
        • Health Care Hall of Fame Gala
        • Top 25 Diversity Leaders Gala
        • Top 25 Women Leaders Gala
      • Virtual Briefings
        • - Hospital of the Future
        • - Value Based Care
        • - Hospital at Home
        • - Workplace of the Future
        • - AI and Digital Health
        • - Future of Staffing
        • - Hospital of the Future (Fall)
      • Webinars
    • Multimedia
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Sponsored Video Series - One on One
      • Sponsored Video Series - Checking In with Dan Peres
    • Data & Insights
      • Data & Insights Home
      • Hospital Financials
      • Staffing & Compensation
      • Quality & Safety
      • Mergers & Acquisitions
      • Data Archive
      • Resource Guide: By the Numbers
      • Surveys
      • Data Points
    • Newsletters
    • MORE+
      • Contact Us
      • Advertise
      • Media Kit
      • Jobs
      • People on the Move
      • Reprints & Licensing