Health insurer Excellus Blue Cross/Blue Shield became the latest major health insurer to disclose that it had suffered a data breach affecting 10.5 million people.  The compromised information may include names, birth dates, Social Security numbers, mailing addresses, telephone numbers, member identification numbers, financial account information and claims information.  This hacking, which was just announced, but has been going on since December of 2013 is the fourth major health care data breach this year with anthem Blue Cross/Blue Shield being the largest, having affected upwards to 80 million people.  As I warned everyone in my USA Today column in which I made my cyberpredictions for 2015, the health care industry is tremendously vulnerable to data breaches and we can expect these data breaches to continue.  Here is a link to that column.

A recent audit of health care companies and insurers showed that more than 81% of these companies have suffered a data breach in the last two years alone and that number only relates to the data breaches that have been discovered.  There may have been more that remain undiscovered.

The potential consequences of medical company data breaches can be tremendous to affected individuals.  The medical records of an identity thief accessing your medical insurance can become intermingled with your medical records such that you can mistakenly receive improper treatment, such as a potentially deadly blood transfusion of the wrong blood type.


Excellus will be sending out snail mail letters to those people affected by the data breach shortly.  If you receive an email purportedly from Excellus asking you to click on links for information about the data breach, it is a phishing email aimed at getting you to download malware on to your computer and make you a victim of identity theft.  As many hacked companies do, Excellus is offering two years of free credit monitoring, however these services will do nothing to protect you from identity theft.  In order to do that, I suggest that you put a credit freeze on your credit report at each of the three major credit reporting agencies in order to prevent someone who already has your personal information such as your Social Security number from accessing your credit report to run up debts in your name.  You can find information about how to do a credit freeze in the Scamicide Archives.  For more information about the Excellus data breach, you can either call their toll free hotline number of 877-589-3331 or got their website by clicking on this link.