Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: all
Company or Organization:
Date Made Public:
July 31, 2017
Company: Anthem Blue Cross Blue Shield
Location: Indianapolis, Indiana
Type of breach:
INSD
Type of organization:
MED
Records Breached:
18,000

"Anthem BlueCross BlueShield began notifying customers last week of a breach affecting about 18,000 Medicare members. The breach stemmed from Anthem’s Medicare insurance coordination services vendor LaunchPoint Ventures, based in Indiana.

LaunchPoint discovered on April 12 that an employee was likely stealing and misusing Anthem and non-Anthem data. The employee emailed a file containing information about Anthem’s members to his personal address on July 8, 2016.

The file contained Medicare ID numbers, including Social Security numbers, Health Plan ID numbers, names and dates of enrollment. Officials said limited last names and dates of birth were included."

Information Source:
Media
Date Made Public:
April 9, 2013
Company: Connextions, Anthem Blue Cross Blue Shield of Indiana, Anthem Blue Cross Blue Shield of Ohio, Empire Blue Cross Blue Shield of Indiana
Location: Orlando, Florida
Type of breach:
INSD
Type of organization:
MED
Records Breached:
6,000

A Connextions employee used Social Security numbers from a number of other organizations for criminal activity.  At least four members of Anthem Blue Cross and Blue Shield were affected by the criminal activity.  The breach was reported on HHS as affecting 4,814 patients, but more were affected.

Information Source:
HHS via PHIPrivacy.net
Date Made Public:
January 26, 2007
Company: WellPoint's Anthem Blue Cross Blue Shield
Location: Richmond, Virginia
Type of breach:
PORT
Type of organization:
MED
Records Breached:
50,000

Cassette tapes containing customer information were stolen from a lock box held by one of its vendors. Data included names and SSNs.

Information Source:
Dataloss DB
Date Made Public:
December 12, 2006
Company: Aetna, Nationwide, WellPoint Group Health Plans, Humana Medicare, Mutual of Omaha Insurance Company, Anthem Blue Cross Blue Shield via Concentra Preferred Systems
Location: Dayton, Ohio
Type of breach:
PORT
Type of organization:
MED
Records Breached:
396,279

A lockbox holding personal information of health insurance customers was stolen Oct. 26. Thieves broke into an office building occupied by insurance company vendor, Concentra Preferred Systems. The lockbox contained computer backup tapes of medical claim data for Aetna and other Concentra health plan clients. Exposed data includes member names, hospital codes, and either SSNs or Aetna member ID numbers. SSNs of 750 medical professionals were also exposed. Officials downplay the risk by stating that the tapes cannot be used on a standard PC.

UPDATE (12/23/06): The lockbox also contained tapes with personal information of 42,000 NY employees insured by Group Health Insurance Inc.)

UPDATE(1/24/07): Personal data of 28,279 Nationwide's Ohio customers were also compromised.  2/11/10 Total changes to 396,279 to reflect final total of records breached in all of the affected companies.

Information Source:
Dataloss DB
CSV