Health insurer Excellus BlueCross BlueShield and a partner company experienced a data breach of their health care records. The sophisticated cyber attack on more than 10 million records was disclosed by the company last wednesday, September 9th 2015. This comes just a couple of months after a similar hack at UCLA’s health system in July in which 4.5 million records were accessed.
Excellus claims that this hack exposed social security numbers, medical claims, as well as other identifying information. The FBI is investigating the crime. In a statement by Excellus CEO Christopher Booth he says, “protecting personal information is one of our top priorities and we take this issue very seriously…”. The frequency of data breaches in health care is alarming and is causing some to say that health records in the US are not safe. Why?
Health records are extremely attractive to data hackers. The information is valued over credit card information when sold on the black market. The records are attractive simply because the data is so rich. Personal information like social security numbers, identification information and medical history can allow an attacker to use the data in a variety of ways. These uses range from opening a bogus account, committing income tax fraud, to getting health insurance under someone else’s name.
The possibilities are plentiful, and therefore the health care industry remains a primary target.