[BreachExchange] Blue Cross alerts 15, 000 Medicare customers of potential data breach

[Destry Winant]

https://www.crainsdetroit.com/insurance/blue-cross-alerts-15000-medicare-customers-potential-data-breach

Blue Cross Blue Shield of Michigan has notified about 15,000 Medicare
Advantage members of a potential breach of personal information after
a laptop computer of an employee of a subsidary of the insurer was
stolen in late October.

Though the stolen laptop of an employee at COBX Co. "was encrypted and
password-protected, the employee's access credentials may have been
potentially compromised," Blue Cross said in a news release Friday.

No Social Security or financial information of the Medicare Advantage
customers was accessible in the computer, which was stolen on Oct. 26,
according to the Detroit-based health insurance company.

But first name, last name, address, date of birth, gender, medication,
diagnosis, provider information and enrollee identification numbers
may have been breached from the stolen laptop.

Blue Cross Blue Shield of Michigan notified affected customers Friday
in a letter sent by mail, spokeswoman Helen Stojic said.

A company executive said risk of identity theft or financial harm to
customers "is low" in this particular breach of personal information.

"We're currently working closely with our subsidiary company to review
policies and procedures and put additional safeguards in place," Kelly
Lange, vice president for enterprise compliance at Blue Cross, said in
a statement. "At Blue Cross and Blue Care Network, we take the
security of our members' protected health information very seriously
and sincerely apologize for this incident."

Blue Cross has offered the affected customers the AllClear ID identity
protection service for free for the next two years.

COBX Co. is a wholly-owned subsidary of Blue Cross that performs
Medicare Advantage services for the health insurer.