US-based health insurer CareFirst has been targeted by a cyberattack that exposed the data of around 1.1 million current and former CareFirst members and individuals.


According to the company, the attackers gained limited and unauthorized access to a single CareFirst database.

CareFirst employed cybersecurity firm Mandiant to carry out an end-to-end examination of its IT environment. The examination included a review of multiple comprehensive scans of CareFirst’s IT systems for any evidence of a cyberattack.

In June 2014, Mandiant confirmed that cyberattackers gained access to a single database in which CareFirst stores data that members and other individuals use to access its websites and online services.

The evidence showed that the attackers could have acquired the user names that members created to use CareFirst’s website, in addition to the members’ names, birth dates, email addresses and subscriber identification numbers.

CareFirst president and CEO Chet Burrell said: "We are making sure those affected understand the extent of the attack – and what information was and was not affected.

"Even though the information in question would be of limited use to an attacker, we want to protect our members from any potential use of their information and will be offering free credit monitoring and identity theft protection for those affected for two years."

CareFirst noted that the database accessed by the attackers contained no member Social Security numbers, medical claims, employment, credit card or financial information.

CareFirst, which is an independent licensee of the Blue Cross and Blue Shield Association, offers health insurance products and administrative services through its affiliates and subsidiaries.
