Blue Shield of California Suffers a Data Leak Through Vendor Fortra: Over 63,000 Exposed to Breach
Table of Contents
- By Steven
- Apr 07, 2023
Blue Shield of California is one of the largest healthcare providers in the state of California. The health insurance company is nonprofit and delivers insurance to Californians all over the state. Hundreds of thousands of residents rely on the provider for their health insurance, and they trust the company with vast amounts of personal and health information. The company recently suffered from cyber security attacks and may have lost a large amount of that secured data to attackers looking to profit from consumer information.
How Did the Attack Occur?
Blue Shield of California relies on a file storage and transfer service offered by Fortra. The company recently suffered from a series of cyber attacks that made many different companies vulnerable to data loss. One of those companies was Blue Shield of California. When the attack occurred, more than 63,000 customers that entrusted their information to the insurance company were potentially exposed to the attackers. Large amounts of data were gathered before January 28, and Fortra didn't determine exactly what information was lost until after completing an investigation on January 31.
What Information Was Viewed or Stolen?
The attack on Fortra exposed all of the following bits of information for Blue Shield of California customers. The customers may have had their first and last names, phone numbers, email addresses, employer names, gender, home address, member ID number, and date of birth exposed by this attack. No Social Security numbers or other personal and highly confidential information was exposed by the attack, but the users were still put at real risk based on the information that was disclosed by the breach.
How Did Blue Shield of California Admit to the Breach?
Blue Shield of California filed a disclosure report with the Maine Attorney General's office about the data breach involving more than 63,000 customers. The document explains what data is involved and overviews how the attack occurred.
What Will Become of the Stolen Information?
The Blue Shield of California information will likely be used for future phishing attacks, it will be sold for a profit, and it will be used in attempted fraud. It's unlikely that attackers will be able to open lines of credit or make purchases with the stolen information, but there are some very real concerns that users should have, and they should be taking steps to protect themselves.
What Should Affected Parties Do in the Aftermath of the Breach?
The more than 63,000 affected users that had their information stored at Blue Shield of California should be monitoring their credit and financial accounts closely. Anyone marked as being involved has access to a free credit monitoring service they are encouraged to make use of. The service can help ensure that you're protected against any real attacks on your credit and that you don't face additional problems in the future. You should also be careful to avoid supplying any private information via email to anyone and to avoid clicking on links in your email from those you don't trust completely.