(Bloomberg) — Hackers may have breached a database with information on 1.1 million customers of CareFirst BlueCross BlueShield, a health insurer operating in Maryland, Virginia and the District of Columbia.
The breach happened last June, when hackers targeted a database that contained information customers used to log on to CareFirst’s website, the not-for-profit health insurer said in a statement Wednesday.
They may have obtained names, birth dates, e-mail addresses and subscriber identification numbers, the insurer said. The database didn’t have passwords, Social Security numbers, credit card information or medical records.
CareFirst said a review by the security firm Mandiant Corp. didn’t find evidence of any other breaches.
What Your Peers Are Reading
Hackers are increasingly targeting medical information, in particular from health insurers, which can offer a wealth of data including health, financial and identity information.
In February, the health insurer Anthem Inc. (NYSE:ANTM) said hackers accessed data on about 80 million people. In March, Premera Blue Cross, which operates in the northwestern U.S., said information on 11 million people may have been exposed.