Blue Cross Blue Shield Association affirms laptop breach

Share this article:

The Blue Cross Blue Shield Association (BCBSA) is reviewing its security practices after thieves stole an employee's computer that contained an unencrypted file with the personal information of nearly every doctor who accepts the popular health insurance plan.

That amounted to between 800,000 and 850,000 doctors, spokesman Jeff Smokler said. The data on the computer file -- which was stolen out of a parked car in Chicago over the weekend -- included names, addresses, tax ID and physician identifier numbers. In 16 percent of the cases, the tax ID number was a Social Security number.

"We had an employee who did not follow company procedure and removed information from a BCBSA computers and put it on a personal laptop," he said. "They key violation was it was stored on a personal, not BCBSA laptop. But if you were to store it on a BCBSA laptop, it would be fully encrypted and it wouldn't be open to some kind of risk."

Smokler would not say if the employee, who was responsible for data analysis, was fired.

"The employee has been appropriately disciplined and corrective action has been taken," he said. "We're reviewing our policies to make sure we're as tight as we can be because clearly there was a lapse here."

BCBSA, which supports 39 member companies across the country, has pledged to offer one year of free credit monitoring to victims. Officials do not, however, believe the information will be used fraudulently.

"We don't think this was targeted for whose it was or what information it had," Smokler said. "It was a middle-of-the-night car break-in."

Representatives from the American Medical Association plans to meet with BCBSA to discuss the incident, he said. An AMA spokesperson could not be reached for comment.

Share this article:

Sign up to our newsletters

More in News

EFF intros wireless router software to boost industry standard

EFF intros wireless router software to boost industry ...

This weekend, the digital rights group released a "hacker alpha" version of its Open Wireless Router software.

Breaches driving organizational security strategy, survey indicates

Breaches driving organizational security strategy, survey indicates

CyberArk interviewed 373 IT security executives and other senior management in North America, Europe and the Asia-Pacific as part of its eighth annual Global Advanced Threat Landscape survey.

Siemens industrial products impacted by four OpenSSL vulnerabilities

The vulnerabilities can be exploited remotely, and fairly easily, by an attacker to hijack sessions and crash the web server of the product.