Blue Cross and Blue Shield of Kansas

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Blue Cross and Blue Shield of Kansas Data Breach

Blue Cross and Blue Shield of Kansas (BCBSKS) experienced a data breach due to unauthorized access to a provider payment portal operated by Availity, LLC, a subcontractor for BCBSKS. The breach occurred between June 16 and June 22, 2022, and affected approximately 1,100 BCBSKS members[1].

Details of the Breach

The unauthorized access targeted the interception of payments made by BCBSKS to hospitals, which was not successful. The information potentially at risk included the date of service, provider name, billing code for services received, amounts billed and paid, patient name, and insured ID number. It is important to note that no financial information or Social Security numbers were contained within the system[1].

Response and Protection Measures

Upon discovering the incident, BCBSKS and Availity shut off access for the unauthorized accounts and required authorized users to recertify their access credentials. Although there is no evidence that personal information was accessed, BCBSKS is offering one year of credit and identity monitoring protection through Experian IdentityWorks at no cost to the affected members. This service includes $1 million of identity theft insurance, identity restoration, and coverage for children under 18[1].

Recommendations for Affected Members

Affected members have been notified by mail. BCBSKS advises members to remain vigilant and monitor their account statements and credit reports. Members can arrange credit monitoring services by contacting BCBSKS customer service or the BCBSKS Privacy Office[1].

Additional Information

For further assistance or questions about the breach, members can contact BCBSKS customer service at 800-432-3990 or visit the BCBSKS website. The company emphasizes the importance of protecting personal information and regrets any worry or inconvenience caused by the breach[1].

Citations:

  1. https://www.bcbsks.com/availity-data-breach
  2. https://www.ksnt.com/news/local-news/480000-kansans-affected-by-medical-data-breaches/
  3. https://www.komu.com/news/blue-cross-blue-shield-of-kansas-city-reports-data-breach/article_796d0bf4-c921-5ada-bceb-11f9f29a55c5.html
  4. https://www.wibw.com/2022/03/24/bcbs-subcontractor-offers-free-protection-members-put-risk-by-data-breach/
  5. https://www.beckerspayer.com/payer/bcbs-of-kansas-notifies-members-of-data-breach.html
  6. https://www.ksn.com/news/state-regional/biggest-health-care-data-breaches-you-should-know-about-in-kansas/
  7. https://www.beckershospitalreview.com/cybersecurity/47-000-bcbs-kansas-city-members-exposed-through-vendor-breach.html
  8. https://www.kansascity.com/news/business/article94017037.html
  9. https://privacyrights.org/data-breaches/blue-cross-and-blue-shield-kansas-city-0
  10. https://www.kcur.org/health/2016-08-05/cyberattack-snares-blue-cross-and-blue-shield-of-kansas-city
  11. https://www.insurancejournal.com/news/midwest/2016/08/09/422737.htm
Breach Submission Date Oct 14, 2022
Converted Entity Name Blue Cross and Blue Shield of Kansas
Converted Entity Type Health Plan
State KS
Individuals Affected 1,308
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes