A Bay Area-based healthcare giant has fallen victim to a potentially large-scale cyber attack which experts say put millions of its customers' private data at risk.
The data breach at Oakland-based Blue Shield shines a spotlight on just how much private information we give to our healthcare providers.
"This is going to have a very significant impact on a lot of lives for many years to come," said Michelle Dennedy, CEO of Privacy Code.
She calls this breach more worrisome than most, because of the kind of data kept there.
Get a weekly recap of the latest San Francisco Bay Area housing news. Sign up for NBC Bay Area’s Housing Deconstructed newsletter.
"What does a healthcare company know? Not just your health, they know your social security number, your family members, they know where you live, they know your insurance company," said Denney.
Blue shield has about 4.5 million members. None yet know if their data was compromised by the cyber attack, but cyber security experts say patients should assume thier data was stolen.
Local
"Don't sit and wait to find out,” said Anne Cutler, cyber security expert from Keeper Security. “Take action right now."
Their advice is to check passwords, accept offers from Blue Shield for credit monitoring services, and check both your credit card and healthcare statements closely over the next several months.
"By the time you hear about it from an organization that's been breached, it's probably too late, your information has been posted to the dark web, it may have been sold, even your healthcare information can be sold on the dark web," said Cutler.
Blue Shield says the attack targeted one of its outside vendors managing vision benefits for members.
California law requires that a business or agency notify anyone whose data may have been acquired by an unauthorized source.
So, expect letters to go out soon and, meanwhile, sign up for those free credit monitoring services.
