BALTIMORE (WJZ) — Maryland’s largest health insurer is in damage control as a cyber attack may have exposed the personal information of nearly 7,000 members.
Just four years ago, more than one million CareFirst BlueCross BlueShield members had their information stolen. Now, the company is dealing with another attack, and they aren’t alone.
The insurer revealed Friday that a phishing email opened by an employee could have revealed names, birthdays and member identification numbers of up to 6,800 patients.
Eight patients had their Social Security numbers exposed.
This comes just one day after Under Armour revealed 150 million usernames and hashed passwords were stolen from its MyFitnessPal app.
RELATED: Under Armour Announces Data Breach
“Under Armour, you know, they’re a big corporation and a big target, same thing with CareFirst. They’re a big corporation and thus a big target. So I wouldn’t say you need to be more concerned in Maryland than anywhere else,” said Steve Taormino, president and CEO of CC&A Strategic Media.
The two Baltimore-headquartered companies join a growing list of organizations targeted by hackers.
Cybersecurity expert Taormino says using long, unique passwords is the best way to protect yourself.
“Things that need to be done are making very complicated passwords for themselves and making sure that they don’t use the same password for every account that they have,” he explains.
Baltimore’s automated 911 system was crippled by a cyber attack last weekend — forcing operators into manual mode for 17 hours.
Also, many cities nationwide have seen their systems infected with ransomware.
This wave of attacks is causing more trouble for cities and companies whose firewalls just aren’t strong enough.
CareFirst has not replied to WJZ’s request for comment nor has it issued a statement regarding the breach. However, they are playing defense on Twitter, asking patients to contact them.
CareFirst says no medical or financial records were compromised in the attack.