On Friday (08/05/16) Newkirk Products a business associate for BlueCross BlueShield, reported that a data breach has occurred on one of its servers. This breach could affect the data of 3.3 million members of insurance plans.
Newkirk detected that there was an unauthorized accessed to one of its servers on July 6th. This server was subsequently shut down. The company opened an investigation with the help of a third-party forensic investigator to determine the extent of the breach. According to the investigation the first unauthorized access occurred on May 21st, 2016. The server did not contain social security numbers, banking information, or medical data. However, depending on the plan, the names, date of birth, name of dependents, primary care providers, invoice information, Medicaid ID numbers and addresses of patients were all part of the accessed data. Following the discovery of this breach, Newkirk sent out a detailed letter to explain the extent of the breach and offer two-years of free id protection to all those affected. Newkirk has already contacted federal law enforcements and their investigation is still on going. Newkirk Products provides insurance cards to the following health plan systems: Blue Cross and Blue Shield of Kansas City, Blue Cross Blue Shield of North Carolina, BlueCross BlueShield of Western New York, BlueShield of Northeastern New York, HealthNow New York, Inc. and Capital District Physicians' Health Plan. About Paubox: Paubox is a provider of seamless encrypted HIPAA compliant email.