CareFirst insurance hack affects 1.1m customers

Data stolen includes member names, birth dates, email addresses and identification numbers

The CEO of health insurance firm CareFirst said he deeply regrets the concern a hack affecting 1.1 million of the company's customers caused.

"We deeply regret the concern this attack may cause," CareFirst chief executive Chet Burrell said in a statement. "We are making sure those affected understand the extent of the attack - and what information was and was not affected."

Advertisement - Article continues below

According to reports, member names, birth dates, email addresses and identification numbers were stolen, but social security numbers, medical claims, employment, credit card or financial information details were not revealed. Only those who created accounts before 20 June, 2014 were affected.

CareFirst has 3.4 million customers in the states of Maryland and Virginia and the District of Columbia in the US. The hack happened almost a year ago, but FireEye Mandiant, which was called in to audit the company's security, has only just uncovered it.

The security firm said attackers managed to gain unauthorised, but very limited access to the CareFirst database.

CareFirst said in a message to affected customers: "We understand that the security of your information is important and we are taking steps to protect members in light of this attack and moving forward.

"We are offering two years of free credit monitoring and identity theft protection services for those members affected. If you have been affected, you will receive a letter from CareFirst."

Advertisement - Article continues below

Earlier this year, two other health insurance companies - Anthem and Premera - also reported they had been attacked by hackers. The FBI was called in to investigate the incidents and concluded they were most likely to be state-sponsored hackings. China looks to be the firm favourite perpetrator.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now



University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular


How to find RAM speed, size and type

24 Jun 2020

Microsoft releases urgent patch for high-risk Windows 10 flaws

1 Jul 2020
data protection

EU institutions told to avoid Microsoft software after licence spat

3 Jul 2020