Information type compromised
The device was stolen on 26 October and the robbery was reported to Blue Cross officials on 12 November. The company said that hackers could have obtained credentials from the employee beforehand to steal the data. The information affected includes first and last names, addresses, date of birth, identification numbers, genders, medications, diagnoses and customer insurance information. Since they were not stored on the laptop, however, no social security numbers and financial account details were concerned. The Blue Cross problem was addressed quickly to take remedial measures to prevent further damage. It quickly changed the credentials of the employee. In addition, it works to improve the security of its systems. It also informed the affected customers via email of the breach.” We are working closely with our subsidiary to review policies and procedures and introduce further safeguards. At the Blue Cross and Blue Care Network, we take the safety of health information protected by our members very seriously and sincerely apologize for this incident, “said Kelly Lange, Vice President of Blue Cross in a statement, reported Detroit News. The company also provides free identity protection services to all concerned members for a period of one year as part of the precautionary measure. It should be noted that 16,000 Blue Cross patients were exposed in another incident this year due to an employee error. Such incidents remind healthcare companies to use stronger cybersecurity measures and train their employees to adhere to the best safety labels.