Blue Shield of California

The California Office of the Attorney General reported a data breach involving Blue Shield of California on April 9, 2025. The breach, which reportedly started on April 1, 2021, involved the potential exposure of members' protected health information due to a misconfiguration with Google Analytics and Google Ads. Specific details on the number of individuals affected are unknown, but the compromised data included insurance plan details and medical service information.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-601191

TPRM report: https://www.rankiteo.com/company/blue-shield-of-california

"id": "blu821072925",
"linkid": "blue-shield-of-california",
"type": "Breach",
"date": "4/2021",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Healthcare',
                        'location': 'California',
                        'name': 'Blue Shield of California',
                        'type': 'Health Insurance Provider'}],
 'attack_vector': 'Misconfiguration',
 'data_breach': {'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['insurance plan details',
                                              'medical service information']},
 'date_detected': '2025-04-09',
 'date_publicly_disclosed': '2025-04-09',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving Blue Shield of California on April 9, 2025. '
                'The breach, which reportedly started on April 1, 2021, '
                "involved the potential exposure of members' protected health "
                'information due to a misconfiguration with Google Analytics '
                'and Google Ads. Specific details on the number of individuals '
                'affected are unknown, but the compromised data included '
                'insurance plan details and medical service information.',
 'impact': {'data_compromised': ['insurance plan details',
                                 'medical service information']},
 'post_incident_analysis': {'root_causes': 'Misconfiguration with Google '
                                           'Analytics and Google Ads'},
 'references': [{'date_accessed': '2025-04-09',
                 'source': 'California Office of the Attorney General'}],
 'title': 'Blue Shield of California Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Google Analytics and Google Ads misconfiguration'}

Blue Shield of California

Mercor: Meta Halts Mercor Partnership After AI Training Data Breach

Adobe and Indian Business Process Outsourcing: Adobe Breach – Threat Actor Allegedly Claims Leak of 13 Million Support Tickets and Employee Records

Hexpol Compounding Americas LLC and Hexpol Holding Inc.: Hexpol Data Breach Class Action Settlement