BreachExchange mailing list archives
Blue Cross Blue Shield of TN data breach
From: Henry Brown <hbrown () knology net>
Date: Mon, 11 Jan 2010 05:21:13 -0600
From Knoxville News: http://tinyurl.com/ycvm8bh January 10, 2010 at 9:41 p.m. CHATTANOOGA - Customers of Chattanooga-based insurer BlueCross BlueShield of Tennessee slowly are being notified by mail of a potential breach of their personal information. This week, BCBS will provide updated data to the public on exactly how many customers were exposed when 57 hard drives were pilfered in October from a storage closet at the insurer's Eastgate Town Center branch, said company spokeswoman Mary Thompson. "We've reached a critical mass with our analysis of the information, and this week we think we can update the public," Thompson said. "We're going to be doing a really full breakdown of how many were potentially exposed." Letters are being mailed in batches as the data is being combed over and the breaches are discovered, Thompson said. So far, there is no evidence the data has been successfully accessed or used to harm any customer's credit, Thompson said. But the insurer, in the letters, is offering customers free credit monitoring for one year. The hard drive data is encoded and scrambled in such a fashion, Thompson said, that it would be difficult for whoever stole the hard drives to access it. However, the hard drives may include names, insurance ID numbers, dates of birth, Social Security and information about the customer's medical conditions. In the letter, the company alerted clients via Priority Mail that some members' personal information is contained in the hard drives. Company or group administrators received letters from Tena Roberson, the deputy general counsel and chief privacy officer for BlueCross. "The call recordings may have included the member's name and ID number," Roberson wrote. "Additionally, some recordings may have included the member's date of birth or Social Security number." _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Blue Cross Blue Shield of TN data breach Henry Brown (Jan 11)
- Re: Blue Cross Blue Shield of TN data breach Henry Brown (Jan 28)
- Modelling data breaches and collecting data Luther Martin (Jan 29)
- Re: Blue Cross Blue Shield of TN data breach Henry Brown (Jan 28)