Customer information at risk in breach

A

AALARD

Guest
Customer information at risk in breach
ATLANTA, (UPI) -- Blue Cross says a Web site security breach may have jeopardized the personal information, including Social Security numbers, of 70,000 of its Georgia customers.

The breach at Blue Cross and Blue Shield of Georgia is part of a larger security Web site violation of parent company, WellPoint, The Atlanta Journal-Constitution reported.

Company spokeswoman Cindy Sanders said information was exposed for five months beginning in October following a faulty site upgrade and affected applicants under the age of 65 applying for individual insurance policies, the newspaper said Tuesday.

"We used a third-party vendor. They told us all security measures were in place," Sanders said. "They weren't."

The breach involves site users who are able to access private information after manipulating the Web address applicants use when tracking the status of their application.

The company learned of the security breach after an attorney for one of the site users filed a class-action lawsuit in March against the insurer, the Journal-Constitution said.

Georgia Insurance Commissioner John Oxendine said he is concerned the company took months to notify the applicants and his office. He may levy a fine if the delay is found to have been unwarranted, he said.
 
Top