J.D. Gilmour & Co., Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

J.D. Gilmour & Co., Inc., a contracted vendor for Blue Shield of California, experienced a cybersecurity breach that may have impacted the data of Blue Shield members. The breach was discovered on August 23, 2023, when it was found that an unauthorized third party had accessed information on the vendor’s MOVEit server. The breach occurred due to the exploitation of a vulnerability in the MOVEit file transfer tool, leading to the exfiltration of data on May 28 and May 31, 2023. The compromised information includes member names, dates of birth, addresses, subscriber ID numbers, subscriber names, subscriber dates of birth, group ID numbers, vision provider’s names, patient ID numbers, vision claims numbers, vision-related treatment and diagnosis information, and vision-related treatment cost information. Blue Shield of California has taken this incident seriously and is offering no-cost credit monitoring to impacted members. They have also established a dedicated call center to address concerns related to this incident. The vendor has since rebuilt the MOVEit system to meet gold standard build requirements and has implemented additional security measures to prevent future breaches[1].

Citations:

  1. https://news.blueshieldca.com/cybersecurity-attack-on-vendors-files-may-have-impacted-blue-shield-of-california-member-data
  2. https://www.jdsupra.com/legalnews/prestige-care-notifies-residents-of-9267143/
  3. https://www.deere.com/en/index.html
  4. https://www.jdgilmour.com
  5. https://www.jdsupra.com/legalnews/elevate-services-inc-confirms-recent-3700290/
  6. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf?ref=blog.gitguardian.com
  7. https://www.jdsupra.com/legalnews/umpqua-bank-confirms-data-breach-6991908/
  8. https://twitter.com/OCRNewBreaches/status/1756115202171445598
  9. https://www.jdsupra.com/legalnews/the-vitality-group-files-notice-of-5401523/
  10. https://news.blueshieldca.com/choice-physicians-network-and-choice-medical-group-notifies-blue-shield-of-california-of-a-data-security-incident
  11. https://www.jdsupra.com/legalnews/exeter-finance-clients-notified-of-2336631/
  12. https://oag.ca.gov/privacy/databreach/list
  13. https://www.jdsupra.com/legalnews/data-breach-at-burkhart-dental-supply-2924516/
  14. https://www.myinjuryattorney.com/loandepot-data-breach-class-action-investigation-and-lawsuit-assistance/
  15. https://www.jdsupra.com/legalnews/eso-solutions-files-notice-of-data-6401033/
  16. https://www.jdsupra.com/profile/console_and_associates_docs/
Breach Submission Date Jan 22, 2024
Converted Entity Name J.D. Gilmour & Co., Inc.
Converted Entity Type Business Associate
State CA
Individuals Affected 2,481
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes