CareFirst Data Breach Impacts 1.1 Million

Healthcare insurer CareFirst BlueCross Blue Shield confirmed today that it was the victim of a data breach last June that impacts 1.1 million people.


According to information from CareFirst, the attackers gained limited access to a single database in June 2014. The database stores information that members and other individuals enter to access CareFirst’s websites and online services, such as usernames, birthdates and subscriber identification numbers. The database did not, however, include password information, which is fully encrypted and stored in a separate system as a safeguard against such attacks, CareFirst stated.

The breach was uncovered by a third-party review conducted by security firm Mandiant. Partway through the assessment, Mandiant discovered evidence attackers had infiltrated the database back on June 19, 2014. The database did not include member social security numbers, medical claims, credit card or financial information, and the review did not uncover any evidence of any prior or subsequent attacks.

According to CareFirst, the organization did detect the initial attack and believed it had blocked any unauthorized access to member information. However, in light of attacks against other healthcare companies, the firm sought a comprehensive assessment of its information security efforts, which ultimately uncovered the breach, the company stated.

“We deeply regret the concern this attack may cause,” said CareFirst President and CEO Chet Burrell in a statement. “We are making sure those affected understand the extent of the attack – and what information was and was not affected. Even though the information in question would be of limited use to an attacker, we want to protect our members from any potential use of their information and will be offering free credit monitoring and identity theft protection for those affected for two years.”

The breach impacts approximately 1.1 million current and former CareFirst members and individuals who do business with CareFirst online and who registered to use CareFirst’s websites prior to June 20. All affected members will receive a letter from CareFirst offering two years of free credit monitoring and identity theft protection. The letters will contain an activation code that will allow users to enroll in the protection programs.

As a precaution, CareFirst has blocked member access to the impacted accounts and will request members create a new password and username.

According to a recent study from Ponemon Institute, criminal attacks against healthcare organizations have shot up 125 percent since 2010 and are now the leading cause of data breaches in the industry. Almost all of the companies included in the survey (91 percent) had experienced at least one data breach during the last two years, and 39 percent had experienced between two and five. Forty percent reported more than five.

“As we predicted during the recent breaches at insurers Premera and Anthem before them, the alarm bells are still sounding for companies in the healthcare industry,” said Kevin Watson, CEO at Netsurion.

“What’s different from the recent Premera breach is that it appears medical and patient information was not exposed in the compromise of CareFirst’s database, which is mildly good news for customers,” he added. “But the amount of data that was stolen, including names, birthdates and email addresses, opens the door for phishing scams.”

CareFirst stated that it has reported the attack to the FBI and is cooperating in the investigation. 
