DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Personal data accessed on Blue Cross website

Posted on June 23, 2010 by Dissent

Courtney Perkes reports:

More than 200,000 Anthem Blue Cross customers this week received letters informing them that their personal information might have been accessed during a security breach of the company’s Web site.

Only customers who had pending insurance applications in the system are being contacted because information was viewed through an on-line tool that allows users to track the status of their application.

Cathy Luckett of San Juan Capistrano was dismayed to learn that Social Security and credit card numbers were potentially viewed.

[…]

Anthem spokeswoman Cynthia Sanders said the confidential information was briefly accessed, primarily by attorneys seeking information for a class action lawsuit against the insurer. She said it’s unclear how many customers’ information was viewed, but that letters were sent to 230,000 Californians out of an “abundance of caution.

Read more in the Orange County Register. The company reports that an upgrade was not really secure, despite them having been assured it was.

I could not find any notice on Anthem’s web site at the time of this posting. Nor is the incident reported on HHS/OCR’s web site yet.

Category: Health Data

Post navigation

← TX: Dozens of credit card numbers stolen from Driskill guests
Personal data accessed on Blue Cross website →

3 thoughts on “Personal data accessed on Blue Cross website”

  1. Anonymous says:
    June 24, 2010 at 4:47 pm

    “Only customers who had pending insurance applications in the system are being contacted because information was viewed through an on-line tool that allows users to track the status of their application.”

    This is patently false. We received this letter today and we do not have “pending applications”. What’s really amusing is that Anthem doesn’t allow online bill pay (we were required to send faxes for other materials as well), but somehow our SSNs were available online.

    I guess the fact that we pay them over USD$1000 per month isn’t enough to merit decent security.

    1. Anonymous says:
      June 24, 2010 at 5:20 pm

      Thanks for pointing out that their statement may have been less than accurate.

      If you can/want to, scan in a copy of the letter and e-mail it to me (admin[at]phiprivacy.net) and I’ll upload it so others can see it, too.

  2. Anonymous says:
    June 30, 2010 at 2:22 pm

    The BCBS in my state was nearly purchased by Anthem, but the state insurance commissioner at the time refused to approve the sale. Never have I been so glad…

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.