Personal information of more than 1 million current and former CareFirst BlueCross BlueShield members was leaked in a cyberattack on the insurer’s database.
CareFirst said hackers accessed a single CareFirst database in June 2014, that included user names, birth dates, email addresses and subscriber identification numbers for as many as 1.1 million members, former members and a very small number of brokers.
The breach affects members who registered to use CareFirst’s website before June 20, 2014.
The compromised database did not store Social Security numbers, medical claims, employment, credit card, or financial information. That information is protected by encrypted passwords stores on a separate database, “just for this purpose,” CareFirst CEO Chet Burrell said Wednesday in a call with reporters about the attack.
The announcement comes two months after Premera Blue Cross disclosed a similar breach of 11 million records.
