While the biggest names in the intelligence community testified last week on Worldwide Cyber Threats, news continued to break over another health insurance company being hacked. Excellus BlueCross BlueShield released a statement this week about a cyber theft that could compromise the personal information of up to 10.5 million customers.
Excellus reportedly learned about the intrusion August 5 and that the initial intrusion began as early as December 2013. The investigation is ongoing, and Excellus has yet to confirm how much of the information has been manipulated and how—what is known so far is only that the personal information of its customers has been accessed. There has been no attribution so far as to who might have committed the hack.
It is no surprise to see yet another health insurance company fall victim to a cyber theft. With the theft of 4.5 million from Community Health Services reported last year, 80 million from Anthem Inc. in February this year, 11 million from Premera Blue Cross in March, and 1.1 million from CareFirst BlueCross BlueShield in May, cyber thieves are seeking any information they can get their hands on such as names, addresses, birth dates, and Social Security numbers to sell or use online.
In a world increasingly connected through the internet and a growing collection of customer data, personal information is highly desired for hackers and businesses alike—as we’ve seen with the hack of the Office of Personnel Management and other public and private industries. Electronic information as a whole, as Director of National Intelligence James Clapper warned Thursday, will become more at risk for manipulation in the future—possibly foreshadowing the future of cyber security as more a risk for espionage than theft.