Massive Cyberattack Hits 10 Million Excellus Healthcare Customers

Rochester, New York-based Excellus BlueCross BlueShield has revealed to the world that cyberattackers have breached its IT systems. All told, the firm estimates 10 million members and individuals who do business with the company are affected. Those affected include 7 million Excellus members and an additional 3.5 million members under the affiliate Lifetime Healthcare Companies.

Excellus called in FireEyeEUs Mandiant incident response division to investigate the breach. After Mandiant conducted a forensic assessment of its IT systems and confirmed the attack, Excellus notified the FBI and is now cooperating with the bureauEUs investigation into the hack.

"Protecting personal information is one of our top priorities and we take this issue very seriously," said Christopher Booth, CEO of Excellus, in a statement. "We're making a broad range of services available today for our members, our employees and other impacted individuals to help protect their information."

Still Assessing

How bad is it? The short answer is nobody knows yet. Mandiant has yet to determine that personal information on the company's IT systems was removed or used inappropriately.

However, the company has confirmed that attackers may have gained unauthorized access to such information as individuals' names, dates of birth, Social Security numbers, mailing addresses, telephone numbers, member identification numbers, financial account information and claims information.

"We have already taken aggressive steps to remediate our IT system of issues raised by this cyberattack," Booth said. "We sincerely regret any concern this may cause. We are providing free credit monitoring and identity theft protection to you for peace of mind. We also pledge to take additional steps to strengthen and enhance security to help avoid having something like this happen again.EU

Excellus will mail letters to individuals who were affected and offer two years of free identity theft protection services through Kroll and credit monitoring powered by TransUnion. A dedicated...

Comments are closed.