Arkansas Blue Cross and Blue Shield warns of data breach involving member information

LITTLE ROCK, Ark. (KAIT) – Arkansas Blue Cross and Blue Shield announced a recent vendor data breach involving its members’ personal information.

According to a message on BCBS’ website, Healthmine, a vendor that hosts a rewards portal for members, recently investigated unauthorized access to rewards accounts for certain members.

“An unknown bad actor accessed accounts in the Blue Wellness Rewards program to attest to health actions and redeem digital gift cards,” the message said.

No social security numbers or financial information were involved, according to officials.

As a result of the breach, Healthmine has disabled members’ Rewards accounts and blocked internet domains believed to be connected to the breach.

BCBS said it is working with Healthmine to implement more security measures in its system, such as multi-factor authentication for registration, and revised procedures to redeem rewards and changing member information.

“While it appears that the bad actor was focused on stealing Rewards gift cards rather than identity theft, Arkansas Blue Cross is offering affected members the opportunity to enroll, free of charge, in a complimentary one-year membership with Experian’s IdentityWorksSM program,” the message said.

BCBS said if you get a letter indicating you have been affected, you will be provided with information on what to do next to protect your identity.

If you need more information, you can call BCBS’ customer service at 800-238-8379 from 8 a.m. to 5 p.m., Monday to Friday.

To report a typo or correction, please click here.