Blue Cross of Idaho is notifying members of a March 21 data breach that allowed an unauthorized user to gain access to the organization's online provider portal.
Hackers tried to gain access to 5,600 member portals, or 1 percent of its membership, in order to fraudulently reroute provider financial transactions, according local ABC affiliate KIVI. Blue Cross of Idaho stopped the attempted financial fraud and has secured the portal.
Blue Cross of Idaho determined March 22 that the unauthorized user accessed provider remittance documents, which contained personal health information. The information that was affected included names, enrollee/subscriber number, data of service, healthcare provider name, provider's patient account number, claim number, claims payment information and procedure code.
The security incident did not affect members' Social Security numbers, driver's license numbers, banking or credit card numbers or information of medical diagnoses.
The insurer is not aware of any misuse of information since the security breach. Members can receive new identification cards with new member numbers as a precaution.