TIME Cyberattack

This Big U.S. Health Insurer Just Got Hacked

Silhouettes
Bill Hinton—Moment Editorial/Getty Images

The cyberattack could affect more than 10 million customers

Excellus BlueCross BlueShield announced Wednesday that more than 10 million of its customers’ information has been exposed in a massive cyberattack. The breach mainly affects residents of upstate New York, where the health insurance company is based.

The cyberattack is one of the 20 largest healthcare breaches ever reported, and it follows a string of other attacks on Blue Cross-affiliated companies nationwide, according to The Hill. Though the insurer didn’t notice the breach until August of this year, the actual attack occurred in December 2013.

The attackers so far haven’t used the information exposed, the report said, but they have access to customers’ social security numbers, names, addresses, birthdates, financial information, and claims. Excellus is offering impacted customers two free years of identity-theft protection.

The attack is the latest uncovered in a string of high-profile healthcare cyberattacks this year. In February, the country’s second-biggest insurer, Anthem, which provides plans in 14 different states, announced that a hack left 78.8 million people exposed. In March, Premera Blue Cross revealed that it had been the victim of an attack that exposed 11 million customers.

Tap to read full story

Your browser is out of date. Please update your browser at http://update.microsoft.com


YOU BROKE TIME.COM!

Dear TIME Reader,

As a regular visitor to TIME.com, we are sure you enjoy all the great journalism created by our editors and reporters. Great journalism has great value, and it costs money to make it. One of the main ways we cover our costs is through advertising.

The use of software that blocks ads limits our ability to provide you with the journalism you enjoy. Consider turning your Ad Blocker off so that we can continue to provide the world class journalism you have become accustomed to.

The TIME Team