J.D. Gilmour & Co., Inc.
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
J.D. Gilmour & Co., Inc., a contracted vendor for Blue Shield of California, experienced a cybersecurity breach that may have impacted the data of Blue Shield members. The breach was discovered on August 23, 2023, when it was found that an unauthorized third party had accessed information on the vendor’s MOVEit server. The breach occurred due to the exploitation of a vulnerability in the MOVEit file transfer tool, leading to the exfiltration of data on May 28 and May 31, 2023. The compromised information includes member names, dates of birth, addresses, subscriber ID numbers, subscriber names, subscriber dates of birth, group ID numbers, vision provider’s names, patient ID numbers, vision claims numbers, vision-related treatment and diagnosis information, and vision-related treatment cost information. Blue Shield of California has taken this incident seriously and is offering no-cost credit monitoring to impacted members. They have also established a dedicated call center to address concerns related to this incident. The vendor has since rebuilt the MOVEit system to meet gold standard build requirements and has implemented additional security measures to prevent future breaches[1].
Citations:
- https://news.blueshieldca.com/cybersecurity-attack-on-vendors-files-may-have-impacted-blue-shield-of-california-member-data
- https://www.jdsupra.com/legalnews/prestige-care-notifies-residents-of-9267143/
- https://www.deere.com/en/index.html
- https://www.jdgilmour.com
- https://www.jdsupra.com/legalnews/elevate-services-inc-confirms-recent-3700290/
- https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf?ref=blog.gitguardian.com
- https://www.jdsupra.com/legalnews/umpqua-bank-confirms-data-breach-6991908/
- https://twitter.com/OCRNewBreaches/status/1756115202171445598
- https://www.jdsupra.com/legalnews/the-vitality-group-files-notice-of-5401523/
- https://news.blueshieldca.com/choice-physicians-network-and-choice-medical-group-notifies-blue-shield-of-california-of-a-data-security-incident
- https://www.jdsupra.com/legalnews/exeter-finance-clients-notified-of-2336631/
- https://oag.ca.gov/privacy/databreach/list
- https://www.jdsupra.com/legalnews/data-breach-at-burkhart-dental-supply-2924516/
- https://www.myinjuryattorney.com/loandepot-data-breach-class-action-investigation-and-lawsuit-assistance/
- https://www.jdsupra.com/legalnews/eso-solutions-files-notice-of-data-6401033/
- https://www.jdsupra.com/profile/console_and_associates_docs/