Mandiant discovered the breach after being hired to perform an assessment Credit: Thinkstock On Wednesday, CareFirst BlueCross BlueShield (CareFirst) disclosed a data breach that impacts 1.1 million current and former members, who registered to use the insurer’s websites or who did business with them online prior to June 20, 2014.CareFirst stated that they detected the initial compromise and took action to contain the attack. The assumption made was that their actions helped avoid a crisis.“At the time CareFirst believed that we had contained the attack and prevented any actual access to member information. The evidence that data was accessed was found as part of a comprehensive assessment conducted as part of CareFirst’s ongoing information security efforts in the wake of cyberattacks on other health care companies,” the insurer stated.The full impact of the breach was confirmed later by Mandiant after the security firm was hired to perform and audit at CareFirst. The audit was part of a pro-active response plan in the wake of several other healthcare related incidents last year, including those that affected other BlueCross BlueShield providers and Anthem.According to statements released by the company, while the IT staff thought they’d contained the incident, the attackers were able to access a database on June 19, 2014. The database stored information that members and other individuals used to conduct business with CareFirst online. The data exposed includes usernames, birth dates, email addresses and subscriber numbers.CareFirst says that no other PII was exposed during the incident, including Social Security Numbers, medical claims, employment records, or financial data.While CareFirst stresses that accounts are safe because the attackers didn’t access encrypted passwords stored outside of the compromised database, what the insurer isn’t saying is that the attackers did get enough information to conduct Phishing campaigns.Within the next three weeks, CareFirst will be notifying 1.1 million people in Maryland, the District of Columbia, and parts of Virginia about the incident, offering them two years of credit monitoring.CareFirst has also blocked member access to the affected accounts online, until new passwords and usernames have been created. Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe