CareFirst BlueCross BlueShield Community Health Plan District of Columbia (CHPDC), formerly Trusted Health Plans, has reported a data breach incident in which members may have had their protected health information stolen.
The cyberattack was detected on the Trusted Health Plans (CareFirst BlueCross BlueShield) network on January 28, 2021. The Washington D.C health plan has isolated the affected computers and secured its network to prevent further hacks.
The cybersecurity firm CrowdStrike was hired to investigate the Trusted Health Plans data breach. CrowdStrike confirmed that sensitive personal health information was leaked and collected by the attackers. CareFirst BlueCross BlueShield Community Health Plan District of Columbia says anyone who has been a former or current enrollee has been affected, as well as current and former employees. The data breach has been reported to the Department of Health and Human Services as affecting over 200,000 individuals.
The types of personal data stolen includes the following:
- Full names
- Home addresses
- Telephone numbers
- Dates of birth
- Social Security numbers
- Medicaid numbers
- Medical records
CareFirst BlueCross BlueShield urged those affected to further monitor their emails. They released a statement saying, “If you receive any emails from anyone stating that they have personal information, please do not click on any links or attachments that may be in the email. Please delete the emails. The links or attachments may have software in them that can harm your computer or device.”