Health Plan Member Portals Accessed Using Stolen Credentials
The Philadelphia-based health plan, Independence Blue Cross, and AmeriHealth HMO, Inc. and AmeriHealth Insurance Company of New Jersey have discovered unauthorized individuals gained access to pages in their member portals between March 17, 2020 and April 30, 2020 and potentially viewed the personal and protected health information of some of their members.
The types of information exposed included names, member identification numbers, plan type, spending account balances, user reward summaries, and claims information.
An investigation into the breach revealed valid credentials had been used to access the portal. In all cases...