Health care companies hold the keys to a lot of sensitive consumer data, and a hack of that data could open up a can of worms. That could be the case with 12 health care payers, who are at risk of being hacked after a health care vendor was compromised.
According to a report, which quoted a spokesperson for Newkirk Products, the vendor that was hacked, the cyberattack may have impacted around 3.3 million. Newkirk issues identification cards for insurance plans, and in early July, it discovered a server that housed information on members of payer organizations was accessed without the proper authorization. An inquiry into it found access was first made in May. Newkirk Products said it is offering individuals who were affected by the hack two years of identity protection and restoration services through AllClear ID. The data that is at risk of being compromised includes member names, addresses, the types of plans they have, both member and group ID numbers, the names of dependents enrolled in the insurance plan and the names of their primary care doctors. Social Security numbers, medical information, bank account numbers and claims information were not part of the hack.
According to the report, the insurance companies that were affected by the cybersecurity breach include Blue Cross Blue Shield of Kansas City, Blue Cross Blue Shield of North Carolina, HealthNow New York, BlueCross BlueShield of Western New York, BlueShield of Northeastern New York, Capital District Physicians’ Health Plan, Gateway Health Plan, Highmark Health Options, West Virginia Family Health, Johns Hopkins Employer Health Programs, Priority Partners Managed Care Organization and Uniformed Services Family Health Plan. John Huff, director of the Missouri Department of Insurance, said in a statement in the report that information on 411,786 members of Blue Cross Blue Shield of Kansas City was potentially taken. He encouraged customers to monitor their banking accounts and other financial accounts.