Vermont health insurance customers exposed in data theft via GoAnywhere hack

In January, a cyberattack on an IT management software company called Fortra LLC via the GoAnywhere manged file transfer service resulted in the theft of personal information from more than 16,000 Vermont health insurance customers.

Initially, it was reported that the data breach affected 7,000 retired Vermont teachers who were members of Vermont Blue Advantage. However, after the news was published, more affected individuals, including retired teachers, reached out to clarify the extent of the breach.

Blue Cross Vermont admitted to a miscommunication with NationsBenefits, their supplemental benefits administrator, resulting in a delayed notification and understanding of the full impact.

The affected individuals include:

• Over 14,000 Vermont residents,  members of Vermont Blue Advantage health insurance plans.
• 300 individuals were enrolled with Aetna ACE,
• 50 were affiliated with UAW Retiree Medical Benefits Trust.
• 2,250 individuals affected by the breach were members of Vermont Blue Advantage but lived out of state.

The stolen personal information included names, dates of birth, addresses, medical and insurance details, and bank information for approximately 5% of the affected customers. However, no Social Security numbers or credit card numbers were compromised.

NationsBenefits took responsibility for notifying affected parties and has offered 24 months of free identity protection services, including credit monitoring, identity theft resolution, and identity theft insurance.