DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Blue Cross of Idaho Notice of Privacy Breach

Posted on April 12, 2019 by Dissent

Boise, Idaho (April 12, 2019) – Blue Cross of Idaho Health Service, Inc. (“Blue Cross of Idaho”) is providing notice to certain members of a recent incident involving protected health information (“PHI”) which qualifies as privacy breach.

On March 21, 2019, an unauthorized user accessed Blue Cross of Idaho’s online provider portal with the intent of fraudulently rerouting a provider financial transaction. Blue Cross of Idaho stopped the attempted financial fraud and secured the portal. On March 22, 2019, Blue Cross of Idaho determined the unauthorized user was able to access provider remittance documents, which contained PHI.

The information the unauthorized user had access to includes member names, enrollee/subscriber number, date of service, healthcare provider name, the provider’s patient account number, claim number, claims payment information and procedure code. The information did not include any member’s Social Security number, driver’s license number, banking or credit card numbers or information about medical diagnoses.

Blue Cross of Idaho reported the incident to the Federal Bureau of Investigation (FBI), which opened an active investigation. Blue Cross of Idaho has also engaged internal and external cybersecurity and financial experts to review the provider portal and associated financial transactions. Based on the results of the investigation, Blue Cross of Idaho believes that the attacker was able to access information for approximately 1 percent of its overall membership.

Blue Cross of Idaho is cooperating fully with the FBI investigation and is continuing to review its provider portal and online security to ensure its members’ data is safe.

Blue Cross of Idaho is not aware of any improper use, or attempted use, of this information, but is actively taking steps to protect its members. In the next seven to 10 business days, most members will receive a new member ID card with a new member number. Any member that experiences problems using their benefits before receiving their new card is encouraged to call Blue Cross of Idaho’s Customer Service Department at 986-224-4154 or toll free at 833-623-7995.

To help protect our members’ identities, Blue Cross of Idaho is offering a complimentary three-year membership for credit monitoring and identity theft restoration services. Each affected member is receiving a personal notification letter with instructions on how to enroll in this service.

Blue Cross of Idaho recommends that all impacted members review their Explanation of Benefits (EOB) statements. If any member finds healthcare services listed on their EOB that they did not receive, they are strongly encouraged to contact Blue Cross of Idaho immediately.

While the provider remittance documents did not include any member’s bank account or credit card information, Blue Cross of Idaho still recommends that members remain vigilant to the possibility of fraud and identity theft by reviewing their bank, credit card and other financial statements for any unauthorized activity. Members should contact their bank directly if they would like to place an alert on their bank account or change their bank account number.

Blue Cross of Idaho takes this incident seriously and has taken multiple actions in response. Blue Cross of Idaho removed the unauthorized user’s access to the provider portal as soon as it was discovered. Blue Cross of Idaho reported the incident to the FBI and is cooperating fully with the investigation. Blue Cross of Idaho has also engaged both internal and external cybersecurity experts to review the incident. Blue Cross of Idaho is reviewing its financial accounts and provider portal to ensure that only legitimate transactions are occurring.

Blue Cross of Idaho is committed to making continuous improvements to its provider portal and online security based on the results of this investigation and best practices used across the industry.

If any member has questions or needs additional information, they can call the Blue Cross of Idaho Customer Service Department at 986-224-4154 or toll free at 833-623-7995.

Source: BLUE CROSS OF IDAHO

Related posts:

  • Yet another mailing error from Blue Cross Blue Shield of Florida?
  • Blue Cross Blue Shield Association to offer all members nationwide free identity theft protection service
  • TX: Statement and Frequently Asked Questions about the 2018 ERS OnLine Security Incident
  • Hack of former DST business exposes Blue Cross Blue Shield member info
Category: HackHealth DataU.S.

Post navigation

← UT fired counselor accused of disclosing student’s PTSD
Questcare Medical Services notifies North Texas patients of data security breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members
  • Patients Allege Home Delivery Pharmacy Failed to Timely Notify Them of Data Breach
  • Hackers breach Norwegian dam, open valve at full capacity

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care
  • How Internet of Things devices affect your privacy – even when they’re not yours
  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.