On June 21, 2023

16,000 Vermont health insurance customers affected by data theft

 

The cyberattack mostly impacted members of Vermont Blue Advantage

By Tiffany Tan/VTDigger

The personal information of at least 16,000 Vermont health insurance customers was stolen in a cyberattack in January — more than twice the number originally reported.

The affected people included over 14,000 Vermont residents, of whom 13,700 were members of Vermont Blue Advantage health insurance plans, the state Attorney General’s Office said this week.

It said the other residents were on different insurance plans: nearly 300 with Aetna ACE and about 50 with UAW Retiree Medical Benefits Trust.

Another roughly 2,250 individuals were members of Vermont Blue Advantage who lived out of state, according to Blue Cross Blue Shield of Vermont, an owner of the privately managed Medicare Part C plan. The company said that, nationwide, the cyberattack affected thousands of organizations and millions of people.

VTDigger reported earlier this month that the Jan. 30 data breach of an IT management software company, Fortra LLC, compromised the personal information of 7,000 retired Vermont teachers who were members of Vermont Blue Advantage, based on information from the state treasurer’s office. (Fortra provided software that Vermont Blue Advantage used to exchange files with its supplemental benefits administrator, NationsBenefits.)

After the story was published, VTDigger received multiple messages from Vermont retirees affected by the data breach — people who were not retired teachers and wondered about the extent of the breach within the state.

The state Attorney General’s Office didn’t learn until May 26 that over 14,000 Vermont residents were involved, said spokesperson Lauren Jandl. 

Blue Cross Vermont said the company didn’t inform the state Department of Financial Regulation of the data breach until late last Thursday, because of a miscommunication between it and NationsBenefits about who was going to contact the department. 

Blue Cross spokesperson Sara Teachout said NationsBenefits had sent a letter to each affected member, detailing what personal information was stolen in the data breach.

She said that information included names, dates of birth, addresses, medical and insurance details and, for 5% of the affected customers, their bank information. The company said no Social Security numbers or credit card numbers were taken.

When asked why NationsBenefits sent the notification letters — which some recipients initially thought was junk mail because they had never dealt with that entity — Teachout said that was NationsBenefits’ responsibility in the incident.

“As the company that experienced the cyberattack and resulting data breach, NationsBenefits is responsible for notifying impacted parties,” she said in an email.

Teachout said NationsBenefits, Blue Cross and Vermont Blue Advantage also reported the breach to the Office for

Do you want to submit feedback to the editor?

Send Us An Email!

Related Posts

Vt Legislature advances bill to ban toxic ‘forever chemicals’ from firefighting gear, dental floss, cleaning products

June 4, 2025
The Vermont Senate and House advance legislation (H.238) May 29 that would outlaw the use of toxic perfluoroalkyl and polyfluoroalkyl substances (PFAS) in firefighting gear, dental floss, cleaning products, and fluorine-treated containers—a critical step in reducing Vermonters’ exposure to these harmful substances. The Senate expanded the bill as passed by the House by adding a provision that…

To be continued…

June 4, 2025
A final compromise on education reform proved elusive late Friday, and at about 11 p.m., the Senate adjourned, followed by the House at about 11:30 p.m. As late as 10 p.m., legislative leaders were still hopeful that the six conferees (three House and three Senate members) could reach a deal sometime before midnight that would…

Nearing the end?

June 4, 2025
After passing several challenging bills in the last few weeks, the Vermont Legislature adjourned until June 16 due to an impasse over negotiations on our education transformation bill, H.454. Many other bills addressing housing, homelessness, healthcare, and several other major issues required compromises from both the House and the Senate in order to be passed…

Vermont gets $23 million from ongoing settlement with tobacco manufacturers

June 4, 2025
Attorney General Charity Clark announced last month that Vermont received a total of $23,132,483.92 from tobacco manufacturers under the tobacco Master Settlement Agreement (MSA). Annually, Vermont receives monies from tobacco manufacturers from the MSA, which resolved the state’s lawsuit filed in the 1990s. The settlement funds are credited to the state’s Tobacco Fund, and the…