Blue Cross Blue Shield Association affirms laptop breach

Share this article:

The Blue Cross Blue Shield Association (BCBSA) is reviewing its security practices after thieves stole an employee's computer that contained an unencrypted file with the personal information of nearly every doctor who accepts the popular health insurance plan.

That amounted to between 800,000 and 850,000 doctors, spokesman Jeff Smokler said. The data on the computer file -- which was stolen out of a parked car in Chicago over the weekend -- included names, addresses, tax ID and physician identifier numbers. In 16 percent of the cases, the tax ID number was a Social Security number.

"We had an employee who did not follow company procedure and removed information from a BCBSA computers and put it on a personal laptop," he said. "They key violation was it was stored on a personal, not BCBSA laptop. But if you were to store it on a BCBSA laptop, it would be fully encrypted and it wouldn't be open to some kind of risk."

Smokler would not say if the employee, who was responsible for data analysis, was fired.

"The employee has been appropriately disciplined and corrective action has been taken," he said. "We're reviewing our policies to make sure we're as tight as we can be because clearly there was a lapse here."

BCBSA, which supports 39 member companies across the country, has pledged to offer one year of free credit monitoring to victims. Officials do not, however, believe the information will be used fraudulently.

"We don't think this was targeted for whose it was or what information it had," Smokler said. "It was a middle-of-the-night car break-in."

Representatives from the American Medical Association plans to meet with BCBSA to discuss the incident, he said. An AMA spokesperson could not be reached for comment.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Skills in demand: Communications and messaging experts

Skills in demand: Communications and messaging experts

The demand for infosec-focused communications and messaging pros is growing.

Company news: New execs at Malwarebytes and an acquisition by VMware

The latest mergers and acquisitions and personnel moves, including Malwarebytes, Abacus Group, VMware, Bay Dynamics, vArmour, Secunia, Norse and more.

Bridging the talent gap in health care

Bridging the talent gap in health care

Cybercriminals are primarily after patient data as it really gets them more money.