(Bloomberg) — Hackers may have breached a database with information on 1.1 million customers of CareFirst BlueCross BlueShield, a health insurer operating in Maryland, Virginia and the District of Columbia.

The breach happened last June, when hackers targeted a database that contained information customers used to log on to CareFirst's website, the not-for-profit health insurer said in a statement Wednesday.

They may have obtained names, birth dates, e-mail addresses and subscriber identification numbers, the insurer said. The database didn't have passwords, Social Security numbers, credit card information or medical records.

CareFirst said a review by the security firm Mandiant Corp. didn't find evidence of any other breaches.

Hackers are increasingly targeting medical information, in particular from health insurers, which can offer a wealth of data including health, financial and identity information.

In February, the health insurer Anthem Inc. said hackers accessed data on about 80 million people. In March, Premera Blue Cross, which operates in the northwestern U.S., said information on 11 million people may have been exposed.

To protect customers, CareFirst said it will offer victims two years of credit and identity theft monitoring. It's also asking them to set up new user names and passwords.

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.