Thief steals 57 hard drives from BlueCross BlueShield of Tennessee

Share this article:

This entry was updated Tuesday, April 13, 2010 at 12:43 p.m. EST to reflect an increase in reported victims.

Stolen computer hard drives belonging to BlueCross BlueShield of Tennessee contained sensitive member information.

How many victims? One million.

What type of personal information? Some of the stolen hard drives contain member's Social Security numbers, birth dates, addresses and medical information.

What happened? On Oct. 2, a thief stole 57 hard drives from the closet of a BlueCross call center in Chattanooga, Tenn.

Data on the stolen hard drives was encoded but not encrypted.

Details: Currently, there is no evidence that any of the stolen data has been used. Investigators are looking for the hard drives. BlueCross has backup files of all the stolen data.

Quote: "There is minimal risk to members' data being accessed due to the specialized nature of the hardware stolen and the difficulties associated with accessing,” BlueCross spokeswoman Mary Thompson said in a statement.

What was the response? Employees and temporary staff have been reviewing video surveillance footage to determine the extent of the breach.

Notification letters are being sent to affected members who will be offered a one-year subscription for identity protection monitoring services.

Source: Associated Press, “More than 220,000 customers affected by stolen BlueCross BlueShield of Tennessee data,” Dec. 25, 2009.

Timesfreepress.com, Chattanooga Times Free Press, “BlueCross theft alert widens,” April 13, 2010.

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan

About 1,700 people in the Dominion Resources employee wellness program have been notified that their data was accessed in a breach.

Document posted to California city website, employee data accessed

In California, a document posted to the City of Encinitas website contained data on hundreds of current and former city staffers.