P2021-ND-258

Blue Cross Life Insurance Company of Canada

On April 20, 2021, SBC discovered it was the victim of a ransomware incident that resulted in the encryption and unauthorized access to certain of its systems. On April 23, 2021, SBC advised the Organization that personal information relating to its disability claims might have been affected. On May 4, 2021, SBC advised the Organization that information relating to life and disability claims was accessed and provided an initial indication of the number of affected individuals. The Organization reported that its network and systems are separate from those of SBC and there is no indication that the Organization?s systems were accessed or compromised. The Organization reported that SBC?s investigation determined that the root cause of the incident and compromise of its systems was likely through a phishing email, although the root cause of the incident cannot be conclusively determined. SBC informed the Organization that a third party threat actor had unauthorized access to certain of SBC?s systems between approximately April 6, 2021 and April 20, 2021.

File Type: pdf
Categories: 2021
Tags: Unauthorized access