December 2, 2023
Blue Shield of California has announced it was the target of a cyberattack that stole troves of vision plan member’s personal information.
The data may have included names of members, their dates of birth, social security numbers and information related to vision health care, according to a Nov. 17 press release from Blue Shield.
Hackers stole the data from a Blue Shield server managing vision care data on May 28 and May 31, according to the release. A vendor for Blue Shield, which the release did not identify, discovered the breach on Aug. 23 and reported it to Blue Shield on Sept. 1.
In response to the breach, the vendor immediately took the server offline, launched an investigation into the incident, engaged a cybersecurity firm and reported the matter to the FBI, Blue Shield said.
The attack was part of a broader wave of cybersecurity breaches by a ransomware group known as Clop, which exploited a vulnerability of an enterprise digital file-moving software known as MOVEit, which allowed hackers to steal data. Following the breaches MOVEit creator Progress Software reportedly issued a patch.
“When we discovered the vulnerability in MOVEit Transfer and MOVEit Cloud, we worked quickly to provide initial mitigation strategies, deployed a patch on May 31 that fixed the vulnerability and communicated directly with our customers so they could take action to harden their environments,” a MOVEit spokesperson said. “We are committed to playing a collaborative role in the industry-wide effort to combat cybercriminals intent on maliciously exploiting vulnerabilities in widely used software products.”
In response to the attack, Blue Shield says it has opened a dedicated call center to answer questions—it can be reached at 1-866-983-2632 Monday through Friday from 8 a.m. to 7 p.m. Central Time, excluding major U.S. holidays.
Blue Shield also offers free credit monitoring with identity restoration services for anyone impacted by the data breach.
If you are a Blue Shield member affected by the breach, the health care provider recommends you do the following:
The following can indicate if you are a victim of identity theft, according to the FEC: