What information was exposed in the breach CareFirst?
accessible databases of Pirates was used to store information that members and other persons using the online services provided by CareFirst entered when signing for its sites. This information includes members created user names, names, birth dates, email addresses and subscriber identification numbers . Fortunately, the passwords needed to access other data are fully encrypted and stored in a separate database, which was not consulted. This means the social security numbers, information on medical claims and financial information has not been exposed. Despite the limited nature of this cyber attack, it is still a source of concern for those whose information was exposed.
How do I know if I am affected?
CareFirst serves people in Maryland, Washington, DC and parts of Virginia. According www.carefirstanswers.com - the website set up by CareFirst to provide information about the violation of its members - anyone who registered one of its Web sites before June 2014 at risk. As a courtesy, CareFirst provides all members with affected two years of free credit report monitoring service and protection against identity theft of ProtectMyID. Coverage of credit monitoring and identity theft offered is the same as that Premera offered to its members, and includes a special protection for families with minor children who were affected by the breach. Is credit monitoring and identity theft protection against enough? See our analysis of ProtectMyID and secure family for more information.
In addition, as a precaution CareFirst has blocked access to the member account. Members will be required to create a new user name and password to continue using the CareFirst website or any of its other online services.
The latter offense, unfortunately, is not surprising considering how risky the health care industry is to cyber attacks. Learn how to best identity theft protection services can help you and your family the benefits of these vulnerabilities to protect.