Following in the footsteps of Anthem and Premera, CareFirst, a Blue Cross Blue Shield plan servicing customers in Maryland, Washington, D.C. and Virginia announced yesterday that it too has been the victim of a “sophisticated” cyberattack that exposed customer information to hackers. After the announcements by Anthem and Premera, the CEO of CareFirst hired a well-known security firm to review its systems. The security firm confirmed that a successful intrusion occurred in June of 2014. The intrusion allowed hackers to obtain access to customer names, dates of birth and email addresses, but NOT financial information, including Social Security numbers.
The hacking is being investigated by the FBI, along with the Anthem and Premera incidents. Sources have indicated that they all may be related, and some surmise that they were state sponsored. At any rate, good for CareFirst for proactively checking its system, especially when the health care industry has been a clear target and will continue to be a target by hackers.