More than 10 million records were exposed in a data breach of health insurer Excellus BlueCross BlueShield and a partner company. That’s only a fraction of the size of a similar hack earlier this year, but it raises the question, “Again?”
The hack of Rochester, New York-based Excellus follows not just the breach of about 80 million health records from Anthem in January, but several smaller attacks against health care databases in California and New York. In July, the UCLA Health System announced hackers had accessed 4.5 million of its patient records. In June, an employee of a hospital called Montefiore Medical Center in New York was indicted for helping to steal 12,000 health care records.
Excellus revealed the breach on Wednesday, telling customers they would receive identity-monitoring services and that the FBI is investigating the crime. The records included Social Security numbers and other identifying information, as well as claims members made to pay for medical care.