Excellus BlueCross BlueShield announced Wednesday that more than 10 million of its customers’ information has been exposed in a massive cyberattack. The breach mainly affects residents of upstate New York, where the health insurance company is based.
The cyberattack is one of the 20 largest healthcare breaches ever reported, and it follows a string of other attacks on Blue Cross-affiliated companies nationwide, according to The Hill. Though the insurer didn’t notice the breach until August of this year, the actual attack occurred in December 2013.
The attackers so far haven’t used the information exposed, the report said, but they have access to customers’ social security numbers, names, addresses, birthdates, financial information, and claims. Excellus is offering impacted customers two free years of identity-theft protection.
The attack is the latest uncovered in a string of high-profile healthcare cyberattacks this year. In February, the country’s second-biggest insurer, Anthem, which provides plans in 14 different states, announced that a hack left 78.8 million people exposed. In March, Premera Blue Cross revealed that it had been the victim of an attack that exposed 11 million customers.
More Must-Reads From TIME
- The 100 Most Influential People of 2024
- Coco Gauff Is Playing for Herself Now
- Scenes From Pro-Palestinian Encampments Across U.S. Universities
- 6 Compliments That Land Every Time
- If You're Dating Right Now , You're Brave: Column
- The AI That Could Heal a Divided Internet
- Fallout Is a Brilliant Model for the Future of Video Game Adaptations
- Want Weekly Recs on What to Watch, Read, and More? Sign Up for Worth Your Time
Contact us at letters@time.com