Ransomware Attack on Business Associate of Blue Cross Blue Shield of Michigan
A ransomware attack on a business associate of Blue Cross Blue Shield of Michigan has potentially compromised the protected health information (PHI) of some of its plan members. This is the second data breach that has affected members of Blue Cross Blue Shield of Michigan to be announced in the past month. The other breach involved a laptop computer containing the PHI of the plan members, which was stolen from another business associate. While the laptop was encrypted, the keys to decrypt data may have been compromised.
The most recent breach affected Austin, TX-based Wolverine Solutions Group, a vendor that provides business services to Blue Cross Blue Shield of Michigan and a number of healthcare customers.
The ransomware was installed on Wolverine Solutions’ systems on September 23, 2018, and resulted in the encryption of files on its servers and workstations. Some of those files contained the PHI of plan members.
A third-party computer forensics company was called in to conduct a breach investigation but failed to find any evidence of data theft; still, data theft cannot be completely ruled out. The attacker potentially accessed or copied the following types of information: demographic information, health plan contract numbers, and some health data. The Social Security numbers of some people may have been compromised.
According to Databreaches.net, the data breach also affected other healthcare clients such as Molina Healthcare. Molina Healthcare notified 895 patients that some of their PHI was exposed as a result of the breach.
Wolverine Solutions has notified all individuals affected by the breach and has offered them one year of complimentary credit monitoring services. As per the policies of Blue Cross Blue Shield of Michigan, its members were offered two years of those services without charge.
Wolverine Solutions has taken steps to enhance security and has now transitioned to a new computer system that offers greater protection against ransomware attacks. All employees also underwent further HIPAA compliance training about the new security measures that have been put in place.