On June 10, CareFirst BlueCross BlueShield notified the Maryland Attorney General’s Office of a breach involving member information.
According to their letter, a CareFirst associate leaving the Canton office did not transport member information securely. As a result, part of a member’s file fell out of the associate’s bag, where it was discovered by someone else leaving the building. That person turned it over to building security the next day and they then returned it to CareFirst.
The exposed information included the member’s name, address, date of birth, Social Security Number, spouse’s name and date of birth, and medical information on the member.
So… a small breach. N of 1. No ID theft, but at least a few unauthorized individuals now seeing your personal and medical information. How would you feel?