The data breach presents the possibility of massive medical insurance fraud, but the 187,000 doctors who used their Social Security numbers as tax ID numbers or provider numbers are most at risk of identity theft.

The unnamed employee, in dereliction of company policy, downloaded the database to his personal laptop to work on it at home. The computer was stolen from the employee’s car August 27 and the crime was reported to the Chicago police.

No patient information was in the file.

The file was encrypted while on the insurance company’s network according to protocol, but the employee unencrypted it before downloading it.

BlueCross BlueShield told their 39 affiliates about the data breach within a week of the incident, and left it up to them to notify physicians nationwide, but as of October 7, some of the doctors still had not been contacted, according to an article on amednews.com, a medical news site operated by the American Medical Association.

Roughly 90% of the nation’s physicians are in the BlueCross BlueShield network.

In a letter sent to the affiliates, BlueCross BlueShield said there was no evidence that the information on the stolen computer has been misused.

BlueCross Blue Shield is automatically providing a year of free credit monitoring to the doctors whose Social Security numbers were compromised. Other doctors interested in being covered by credit monitoring must request if from their affiliate.