On April 13, 2018, the California Office of the Attorney General reported that Blue Shield of California experienced a data breach on November 1, 2017. The breach involved the unauthorized sharing of Protected Health Information (PHI) including names, addresses, subscriber identification numbers, and telephone numbers with an insurance broker during the 2018 Medicare Annual Enrollment Period.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-135277
TPRM report: https://www.rankiteo.com/company/blue-shield-of-california
"id": "blu531080525",
"linkid": "blue-shield-of-california",
"type": "Breach",
"date": "11/2017",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California',
'name': 'Blue Shield of California',
'type': 'Health Insurance Provider'}],
'attack_vector': 'Unauthorized Sharing',
'data_breach': {'personally_identifiable_information': ['names',
'addresses',
'subscriber '
'identification '
'numbers',
'telephone numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Protected Health Information '
'(PHI)'},
'date_detected': '2018-04-13',
'date_publicly_disclosed': '2018-04-13',
'description': 'Unauthorized sharing of Protected Health Information (PHI) '
'including names, addresses, subscriber identification '
'numbers, and telephone numbers with an insurance broker '
'during the 2018 Medicare Annual Enrollment Period.',
'impact': {'data_compromised': ['names',
'addresses',
'subscriber identification numbers',
'telephone numbers']},
'references': [{'date_accessed': '2018-04-13',
'source': 'California Office of the Attorney General'}],
'threat_actor': 'Insurance Broker',
'title': 'Blue Shield of California Data Breach',
'type': 'Data Breach'}