The Star-Ledger reports that the personal information of almost 840,000 Horizon Blue Cross Blue Shield of New Jersey subscribers may have been exposed when two password-protected but unencrypted laptops were stolen from the company's headquarter's during the weekend of November 1-3, 2013 (h/t PHIprivacy.net).
The laptops were cable-locked to employee workstations when they were stolen.
"After discovering the theft, we acted quickly to engage law enforcement and notify and protect all members who may have been affected," Horizon director of public affairs Tom Rubino said in a statement. "Nothing leads us to believe that the computers were stolen for the information they contained or that any member information has been used inappropriately."
Still, the information on the laptop may have included names, addresses, birthdates, and in some cases, Social Security numbers and limited clinical information.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
All those whose Social Security numbers may have been exposed are being offered a free one-year membership in Experian's ProtectMyID Alert service.
"To help prevent something like this from happening in the future, we are strengthening our encryption processes and enhancing our policies, procedures and staff education regarding the safeguarding of company property and member information," Horizon privacy official Denise J. O'Connor wrote in the notification letter [PDF].