Skip to main content

Up to 1.1 million customers affected by CareFirst data breach

For the third time this year, a major U.S. health insurer has suffered a security breach, comprising the information of over 1 million customers. CareFirst of the Blue Cross Blue Shield insurance family announced Wednesday that up to 1.1 million individuals, but current and former plan holders, may have been affected by the security breakthrough. Luckily, because only one database was accessed, it appears that the data hackers made away with was limited to names, email addresses, and birthdates. No social security numbers, medical records, or credit card numbers appear to have been leaked.

All affected accounts have since been blocked, and customers have been asked to create new usernames and passwords. Calling it a “sophisticated” attack, CareFirst President and CEO Chet Burrell said in a statement, “We deeply regret the concern this attack may cause. We are making sure those affected understand the extent of the attack – and what information was and was not affected.”

As per a company statement, “Members who created accounts on prior to June 20, 2014 are affected by this incident. CareFirst is mailing letters to all affected members and those affected should receive a notification letter in the next 1 to 3 weeks. Members who enrolled to use CareFirst online services on or after June 20, 2014 are not affected because their enrollment occurred after the date of the unauthorized access.” To assuage some fears, CareFirst will provide two free years of credit monitoring and identity theft protection to compromised plan holders.

Earlier this year, Anthem and Premera also reported hacks, and the three security breaches seem to share some commonalities. The Federal Bureau of Investigation (FBI) seems to address the issues as state-sponsored hackings, with China at the top of the suspect list. Dr. Larry Ponemon, the chairman of Ponemon Institute, told the New York Times, “A lot of health care organizations have been historically laggards for security.” And given the wealth of information stored by these companies, they are prime targets for malicious hackers.

For more information on how to proceed, visit

Editors' Recommendations

Hacker steals 1 billion people’s records in unprecedented data breach
A depiction of a hacker breaking into a system via the use of code.

An anonymous hacker has stated that he has successfully infiltrated the Shanghai police department’s database. In doing so, he apparently extracted personal information of a staggering one billion Chinese citizens.

The individual, 'ChinaDan', took sole responsibility for the data breach. As reported by Reuters and PCMag, he detailed the incident on hacker forum Breach Forums.

Read more
Hackers targeted AMD to steal huge 450GB of top-secret data
A depiction of a hacker breaking into a system via the use of code.

A data extortion group known as RansomHouse has asserted that it has stolen upwards of 450GB of sensitive data from AMD.

Team Red has since confirmed that it launched an investigation into the matter after the situation came to light.

Read more
Cash App breach impacts millions of U.S. customers
Cash App for mobile payments.

Block, formerly Square, has revealed a security breach impacting up to 8.2 million current and former users of Cash App, its mobile payment and investment service.

The San Francisco-based company said in a recent filing with the U.S. Securities and Exchange Commission that the breach was an inside job allegedly carried out by a former employee.

Read more