Learn How a Virtual Networking Approach Can Strengthen the Security of Federal Networks REGISTER >
On January 15, 2014, the company learned that the transaction confirmation page on its Web site for individual and family plan members had been displaying Agent ID numbers, which in some cases were the agents' Social Security numbers, since December 20, 2013.
"Upon receiving this report, Blue Shield took immediate steps to remove the display of the Agent ID numbers from the Web site, which was fully completed by January 16, 2014," Blue Shield chief privacy official Hope H. Scott wrote in the notification letter [PDF]. "In order to ensure that this issue does not recur, we are also taking steps to improve our procedures for verifying the information that may be displayed on our Web site."
While there's no indication that the Social Security numbers have been misused, Blue Shield is offering all those affected a free one-year subscription to Experian's ProtectMyID Alert service.
Photo courtesy of Shutterstock.