Large US health insurer announces mass data breach that occurred in December 2013

Health insurance provider Excellus BlueCross BlueShield has announced a data breach that could have compromised the personal information of 10.5 million upstate New Yorkers.

In August of this year, Excellus discovered a data breach that showed that hackers could have accessed personal information including “name, date of birth, Social Security number, mailing address, telephone number, member identification number, financial account information and [insurance] claims information.”

However, it’s important to note that further investigations found that this data breach happened in December 2013.

On a website announcing the data breach, Excellus President and CEO Christopher C. Booth said: “The investigation has not determined that any such data was removed from our systems.  We also have no evidence to date that such data has been used inappropriately.”

IT Governance will keep an eye on this story and update this blog post with any future developments. Subscribe to our Daily Sentinel below to ensure you don’t miss anything.