Yesterday we wrote about the Patz & Hall data breach which resulted in unauthorized access of consumer credit card numbers. Yesterday, the first class action related to another data breach was filed by Paulson and Nace.
In June of 2014, Carefirst BlueCross BlueShield was targeted by a cyber attack that allowed over a million individuals sensitive information to be lost. Specifically, Carefirst acknowledges that “attackers could have potentially acquired member-created user names created by individuals to access CareFirst’s website, as well as members’ names, birth dates, email addresses and subscriber identification number.” While it appears no credit care or other financial information was directly unauthorized at this point, it cannot be understated how significant this information can be to patients.
The first class action complaint filed in the United States District Court for the District of Columbia alleges negligence, breach of contract, and violation of DC’s consumer protection and data breach notification statutes among other claims. The breach has affected people in Maryland, DC and Virginia and we will continue to follow the breach to uncover how this information was accessed, and whether other information could have been as well.