Excellus BlueCross BlueShield health insurance has been hacked; 10 million members affected

Excellus BlueCross BlueShield, a health insurer in upstate New York and its affiliates announced on Wednesday that their computer systems have been hacked. The threat initially occurred two years ago.

According to a news release from Excellus on Wednesday, the firm's IT system has been attacked exposing personal information from 10 million of its members.

The news indicates Excellus BlueCross BlueShield learned that the hackers executed an attack on August 25. Further investigations revealed that the first incident happened in December of 2013.

President and CEO of Excellus Christopher C. Booth specified the information that has been exposed. "The attackers may have gained unauthorized access to individuals' information, which could include name, date of birth, Social Security number, mailing address, telephone number, member identification number, financial account information and claims information."

It affects members under the Excellus BCBS service in 31 counties along with individuals who provided their financial accounts or Social Security number.

Excellus is now collaborating with a cybersecurity firm, Mandiant, to investigate and perform necessary actions in order to strengthen their IT systems. The company had also approached the FBI about the matter.

Meanwhile, the FBI confirmed that the offense includes other affiliate companies. "The FBI is investigating a cyber intrusion involving Lifetime Healthcare Companies, which include Excellus BlueCross BlueShield, and will work with the firms to determine the nature and scope of the matter," the FBI detailed in an email reported by Reuters.

FBI Internet Crime Complain Center warned the individuals involved to monitor their identifying information and report incidents of identity theft to them.

As of this point, Excellus spokesman Jim Redmond said none of the personal information removed from their systems had been reported to be misused, cited on the Democrat and Chronicle, Rochester.

Excellus offers health insurance to people and businesses in upstate New York counties; Buffalo and Rochester. Around 7 million members are affected together with 3.5 million accounts under its affiliated companies.

Following the issue, Excellus provided their contact numbers for queries about the cyber attack. Members may call 1-877-589-3331. In addition, they are granted free identity theft protection service and credit monitoring for two years.

With the cyber technology that continues to develop over the years and the growing number of cybercrime cases, it is necessary for businesses to invest in a robust security systems to test and upgrade their servers.