Members will be receiving mail from BlueCross BlueShield any day now, but it won’t be Christmas cards. Instead, they’ll be getting letters warning them that they are at a heightened risk from ID theft because their personal, financial and even medical information may be among the millions of records missing after 57 computer hard drives were stolen from a Chattanooga storage.
Members who called BlueCross BlueShield to discuss eligibility or coordination of care were likely recorded on the stolen hard drives. All members would have had names and benefits ID numbers on the recordings, and some would also have Social Security numbers, birth dates and possibly diagnoses or diagnostic codes.
The information was not encrypted, according to BlueCross BlueShield officials. Those whose Social Security numbers and birth dates were recorded are at the greatest risk of ID theft. BlueCross BlueShield has said they’ll offer free credit monitoring services to those members.
The insurance giant has back up data from the stolen hard drives, and is combing through that information, identifying which members have been affected and their level of ID theft risk. As the research proceeds, current and former members will be sent the letters with contact information call centers where they can gather more information and report any instances of ID theft.
The data breach was discovered October 5, and is thought to have taken place at rough 6 PM the previous Friday. Blue Cross has notified the Secretary of the Department of Health and Human Services and the State of Tennessee.
