BlueCross Security Breach Puts Member Data at Risk

The theft of 57 hard drives from a BlueCross BlueShield of Tennessee training facility last October has put at risk the private information of approximately 500,000 customers in at least 32 states, said a HealthLeaders Media report. The hard drives containing 1.3 million audio files and 300,000 video files related to coordination of care and eligibility telephone calls from providers and members were reportedly stolen from a leased office in a Chattanooga, Tenn. strip mall that once housed a BCBS of TN call center. The video files were images from computer screens of customer service representatives and the audio files were recorded phone conversations from Jan. 1, 2007 to Oct. 2, 2009.

The files contained customers' personal data and protected health information that was encoded but not encrypted, including names and BlueCross ID numbers. And in some recordings–but not all—diagnostic information, date of birth, and/or a Social Security number were revealed. Thus, BCBS of TN estimates that the Social Security numbers of approximately 220,000 customers may be at risk.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.