Topics
Reimbursement
J&J backs down from its planned 340B rebate model
J&J backs down from its planned 340B rebate model
Revenue Cycle Management
Mary Washington Healthcare latest to outsource revenue cycle 
Mary Washington Healthcare latest to outsource revenue cycle 
Strategic Planning
Four health systems form Longitude Health 
Four health systems form Longitude Health 
Capital Finance
HIMSSCast: Is private equity the bad guy in healthcare?
HIMSSCast: Is private equity the bad guy in healthcare?
Supply Chain
Feds shore up healthcare supply chain in wake of hurricanes Helene and Milton
Feds shore up supply chain in wake of hurricanes
Accounting & Financial Management
Karen Lynch exits CVS, David Joyner appointed president and CEO
Karen Lynch exits CVS, David Joyner appointed president and CEO
Budgeting
Health system operating margins declined in August
Health system operating margins declined in August
Quality and Safety
US healthcare system ranks last in equity, access
US healthcare system ranks last in equity, access
Billing and Collections
CFPB warns of illegal tactics by medical debt collectors
CFPB warns of illegal tactics by medical debt collectors
Claims Processing
Johns Hopkins Health Plans announces multi-payer portal
Johns Hopkins Health Plans announces multi-payer portal
Workforce
Feds grant $100 million to grow healthcare workforce
Feds grant $100M to grow healthcare workforce
Operations
UMC Health System hit with IT outage linked to ransomware
UMC Health System hit with IT outage linked to ransomware
Medical Devices
Healthcare chatbots may promote racist misinformation
Healthcare chatbots may promote racist misinformation
Hospital/physician relations
Hospitals, physicians submit opposing views to FTC ruling on noncompetes
Hospitals, physicians submit opposing views to FTC ruling
Construction & Facilities Management
Cleveland Clinic partnering with Cavaliers on new training center
Cleveland Clinic partnering with Cavs on new sports complex
Compliance & Legal
BCBS reaches $2.8 billion settlement agreement
BCBS reaches $2.8 billion settlement agreement
Policy and Legislation
HHS investing $75 million in rural healthcare infrastructure
HHS investing $75 million in rural healthcare infrastructure
Community Benefit
Nonprofit hospitals' charity care falling behind tax breaks, report shows
Report: Hospitals' charity care falling behind tax breaks
Accountable Care
ACO REACH changes more negative than positive, says participant
ACO REACH changes not positive, says participant
Acute Care
SDOH, tech key to advancing value-based care, says UHG
SDOH, tech key to advancing value-based care
Ambulatory Care
Walmart announces closing of clinics and virtual care
Walmart is closing clinics and virtual care
Analytics
Interoperability in healthcare moving forward despite challenges
Interoperability in healthcare moving forward despite challenges
Business Intelligence
CVS Health mulls potential breakup in midst of strategic review
CVS Health mulls potential breakup
ICD-10 & Coding
Physician practices examine risk adjustment coding in wake of federal lawsuits
Practices keeping close watch on risk adjustment coding
Meaningful Use
Financial disincentives for providers who commit information blocking 
Financial disincentives for providers who commit information blocking 
Medicare & Medicaid
Medicaid to cover traditional Tribal community healthcare 
Medicaid to cover traditional Tribal community healthcare 
Patient Engagement
Patients see narrow networks in ACA marketplace plans, KFF finds
KFF: Patients see narrow networks in ACA marketplace plans
Pharmacy
Blue Shield of California challenges PBM model to lower cost of Humira biosimilar
Insurer challenges PBM model to lower cost of Humira biosimilar
Population Health
Reproductive care, including abortion, facing challenges
Reproductive care, including abortion, facing challenges
Risk Management
UPMC for You partners to offer Medicaid redetermination coverage in laundromats
UPMC for You offers Medicaid redetermination coverage in laundromats
Telehealth
Patients less likely to seek virtual behavioral care when paying out-of-pocket
Patients who pay cost-sharing less likely to seek virtual care
Mergers & Acquisitions
In M&A deals, seller size by revenue is significantly above historical norms
In M&A deals, seller size by revenue is above historical norms
View more
Sep 10, 2015 More on Reimbursement

Excellus BlueCross BlueShield hacked; 10.5 million people affected

Hackers had access to information systems for more than a year and a half before the health plan even noticed the cyberattack had occurred.

Erin McCann

New York health plan Excellus BlueCross BlueShield on Wednesday said it was a victim of a cyberattack that affected 10.5 million beneficiaries. Even worse, the plan said hackers had access to information systems for more than a year and a half before the health plan even noticed the cyberattack had occurred.

The health plan, which covers members living across 21 counties in New York State, first discovered the cyberattack in the beginning of August, despite the hack initially taking place December 2013.

According to a company notice posted Wednesday, hackers swiped Social Security numbers and personal data of 10.5 million individuals, making it the third largest HIPAA breach ever reported since the HHS breach notification rule took effect in 2009 -- behind the Anthem and Premera cyberattacks. Other information swiped by hackers included member names, dates of birth, medical claims data, financial account information, addresses and phone numbers.

[Also: Massachusetts HIPAA fine shows the financial risk in healthcare breaches ]

The 10.5 million people who had their data stolen include members, patients and others who did business with the following health plans: BlueCard members; BlueCross BlueShield of Central New York; BlueCross and BlueShield of the Rochester Area; BlueCross BlueShield of Utica-Watertown; and Excellus BCBS.

"We sincerely regret the frustration and concern this incident may cause," wrote Excellus BCBS President and CEO Christopher C. Booth, in a statement. "We want you to know that protecting your information is incredibly important to us, as is helping you through this situation with the information and support you need."

Health plan officials said it would be extending identity theft protection to affected individuals for a two-year period.

[Also: Healthcare finance tips for safeguarding against cyberattacks]

To date, nearly 143.8 million people have had their protected health information compromised in a HIPAA privacy or security breach, according to data from the Department of Health and Human Services. Cyberattacks and hacking-related events have impacted nearly 110 million of that total, close to 77 percent. 

The Excellus cyberattack notification comes in the wake of a string of attacks reported this year, the largest being the hack at Anthem, which compromised the data of nearly 79 million people.

This originally appeared on Healthcare IT News. It has been edited.

Twitter: @EMcCannHITN

News
Healthcare organizations ask HHS to delay quality measure reporting for ACOs Healthcare organizations ask HHS to delay quality measure reporting for ACOs The American Hospital Association and American Medical Association are among the 11 organizations signing the letter.