5 payer data breaches over the last 6 months

5 payer data breaches over the last 6 months:

1. Blue Cross and Blue Shield of Kansas: Subcontractor Morley Companies reported a data breach March 24 that affected about 2,800 BCBS of Kansas members. No Social Security or financial information was involved. Morley is providing two years of free credit and identity monitoring for those potentially affected. 
2. Highmark Health: The payer confirmed a recent data breach of its computer network on March 23. The breach exposed the sensitive information of as many as 67,147 individuals. Law firm Console & Associates is investigating the breach on Highmark's behalf. The firm is providing free consultations to affected individuals regarding identity theft protection and potential compensation from Highmark.
3. Priority Health: The payer told beneficiaries on Feb. 14 that an unauthorized user accessed private information through its Priority Health member portal on Dec. 16, 2021. The hacker had access to patient names, dates of birth, addresses, contact information and some claims and medical data. Social Security numbers were not accessed. There is no indication the information was misused. The payer offered impacted members two years of identity theft protection.
4. Oscar Health: The payer announced Jan. 14 that a vendor printing issue may have led to the mishandling of member information. The payer discovered Nov. 23, 2021 that mailings with sensitive member information were incorrectly sent to other Oscar Health members. The mailings were sent to members from Oct. 28 to Nov. 16. Mailed information included member names, Oscar ID numbers, provider information, claim numbers, plan name and affiliation, and procedure or service details. The payer does not believe any information was misused. The issue was addressed with the vendor and mailings were sent to the correct members. Oscar notified members affected by the error.
5. True Health New Mexico: The payer reported a data breach impacting more than 62,000 members on Nov. 17, 2021, according to JD Supra. The breach occurred in October and hackers had access to members' names, email addresses, insurance information, Social Security numbers, medical histories and more. They also accessed information related to some providers and former beneficiaries of New Mexico Health Connections, a True Health administered plan. Three True Health members filed a lawsuit Jan. 25 claiming the breach was predictable and the payer delayed informing members and regulators of the breach for over a month.