Hundreds of thousands of BlueCross customers are in for a scare. This week, the insurance company is sending out notifications to its customers fessing up to a significant data breach that saw a thief make off with 57 hard drives from a call center in Tennessee.
The hard drives contained encoded — but not encrypted — records of phone calls and video files containing sensitive patient information. eSecurity Planet has the details on the breach.
Insurer BlueCross BlueShield officials this week are telling hundreds of thousands of members that somehow a thief managed to steal a total of 57 computer hard drives from a closet at Chattanooga, Tenn., call center.
In a statement, BlueCross BlueShield spokeswoman Mary Thompson said that while the data was encoded, it was not encrypted. She said the drives contained more than 1.3 million audio files of recorded conversations between customer service representatives and customers.
The drives also included 300,000 video files from images on customer service reps’ computer screens, including Social Security numbers, birth dates, addresses and medical information.
While the bulk of the estimated 220,000 to 500,000 members affected by the data breach are Tennessee residents, BlueCross BlueShield said there at least 500 members from another 32 states who had their data exposed in the heist.
For now, BlueCross BlueShield is offering one year of free credit monitoring services as well as other data management and security services from Kroll, a risk management and IT security consulting firm.