Newsroom

September 10, 2015

BlueCross cyberattack jeopardizes 10M customers

Excellus BlueCross BlueShield, a plan covering New York, revealed Wednesday that a cyberattack to its systems exposed the personal data of more than 10 million people.

Excellus discovered the attack on Aug. 5 and learned that an initial attack occurred on Dec. 23, 2013. Attackers may have gained access to members' and patients' names, dates of birth, Social Security numbers, mailing addresses, telephone numbers, member identification numbers, financial account information and claims information, Excellus President and CEO Christopher Booth noted in a statement.

He said the attack also affects members of other BlueCross BlueShield plans who received treatment in the area of Excellus BCBS and those that do business with the group.

Next week, credit union representatives will come to Washington from around the country to meet face to face with their lawmakers and regulators to discuss important issues such as data and cybersecurity during NAFCU's Congressional Caucus. NAFCU continues to press Congress to address the issue of cybersecurity as the financial burden of attacks usually falls to financial institutions to make consumers whole if their financial information is compromised.