For the third time since February, a Blue Cross/Blue Shield health insurer admitted that hackers had breached security and compromised customer records.
In February, Anthem admitted that hackers had compromised the records of 80 million current and former Anthem customers (including customers of Amerigroup, Anthem and Empire Blue Cross Blue Shield companies, Caremore, Unicare and HealthLink) dating back to 2004. In March, Premera Blue Cross admitted to a breach compromising 11 million medical and financial records dating back to 2002.
In both instances, security experts familiar with the case saw signs indicating that the hackers might enjoy unofficial backing from the Chinese government – which, incidentally, is also suspected of having a hand in other recent high-profile hackings, including last November's discovered hacking of a U.S. Postal Service database containing the personal information of 800,000 USPS employees, and the discovery last July that hackers breached the federal Office of Personnel Management, stealing the data of up to 5 million government employees and contractors who hold security clearances. (China's government, for its part, has repeatedly denied any role in American hacking activities, and points out that hacking is illegal under Chinese law.)
And so it goes for this latest Blue Cross health-insurance hacking: CareFirst, a Blue Cross Blue Shield plan primarily serving people in the Washington, D.C. area (including parts of Maryland and Virginia), admitted that hackers had breached security and compromised customer records. This breach apparently happened last June, but was only recently discovered.
No forced entry
That tends to be the case in all database hackings: “breaking into” a database doesn't leave physical signs of forced entry, the way breaking into a physical building does. And stolen information doesn't disappear from the database, the way burglarized items disappear from their owners' possession. That's why hacking can go undetected for months or even years before their victims even know they've been victimized.
Investigators speaking off the record suggested the CareFirst Blue Cross hacking might be connected to the two previous Blue Cross/Blue Shield hackings, and once again suspect signs of Chinese involvement.
So far, though, this latest health-insurance hacking appears to be on a much smaller scale than the previous two: CareFirst says that up to 1.1 million customer records might be affected. Also, CareFirst says that, while the hackers gained access to customer names, birthdates and email addresses, they did not steal confidential medical or financial data: no medical claims, credit card information or Social Security numbers.