Blue Cross of Idaho is notifying members of a March 21 data breach that allowed an unauthorized user to gain access to the organization’s online provider portal.
Hackers tried to gain access to 5,600 member portals, or 1 percent of its membership, in order to fraudulently reroute provider financial transactions, according local ABC affiliate KIVI. Blue Cross of Idaho stopped the attempted financial fraud and has secured the portal.
Blue Cross of Idaho determined March 22 that the unauthorized user accessed provider remittance documents, which contained personal health information. The information that was affected included names, enrollee/subscriber number, data of service, healthcare provider name, provider’s patient account number, claim number, claims payment information and procedure code.
The security incident did not affect members’ Social Security numbers, driver’s license numbers, banking or credit card numbers or information of medical diagnoses.
The insurer is not aware of any misuse of information since the security breach. Members can receive new identification cards with new member numbers as a precaution.
More articles on cybersecurity:
Pregnancy tracking app raises privacy concerns over data shared with employers
Palmetto Health alerts 23,000 patients of phishing attack
MD Anderson appeals $4.3M HIPAA penalty
© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.