in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Encryption Software On 68 Missing Blue Cross Blue Shield Hard Drives?

Oh, my -- this just isn't a good week for Blue Cross Blue Shield (BCBS).  In addition to reports of the missing laptop with SSNs of over 850,000 doctors, BCBS in Tennessee has announced the theft of 68 computer hard drives.  While articles related to latest breach don't mention the presence of full disk encryption like AlertBoot, I'm gonna go out on a limb here and guess that these devices were protected.

Prior Knowledge - Stolen Laptop

How did I arrive at this conclusion?  Well, BCBS had released a story earlier this week on the theft of a personal laptop computer.  It contained the information of all doctors in the BCBS network.  In it, they had commented that all computers used at BCBS were encrypted.  I imagine that this policy of encrypting computers would have been extended to any hard drives as well.

(BCBS in New Jersey had a similar breach almost two years ago, and no doubt that incident had an effect on the use of encryption at the HMO).

What Happened

The theft of the 68 hard drives was discovered on Monday at BCBS Eastgate offices.  A "burglar alarm" is said to have gone off on Friday, but it's been mentioned that it would have "generated a computer ticket" [wreg.com].

If my superficial knowledge regarding computer tickets is of any use, it seems to imply that this so-called "burglar alarm" was actually just a "server down" alarm, which happens is a computer drive is taken off-line, for example.  No wonder, then, that the police didn't show up when the alarm was set off: the only person being notified was probably some overworked IT guy.

It looks like nothing else was stolen aside from the hard drives, which leads to the question: was the burglary targeting personal information?  So far, BCBS is not sure what type of information was stored on the stolen drives.

It shouldn't be an issue, though, assuming I'm right and encryption software was used to secure the contents.  Without the correct username and password, it means that whoever stole these devices will not be able to access the devices.

Well, assuming it's not an inside job, which is debatable.  According to reports, there were no signs of forced entry, and initially it looked like nothing was missing (how do you miss 68 drives?  Perhaps they were stored in a closet?)

Update, 06 OCT 2009

According to the latest press release by Blue Cross Blue Shield, the drive in question are unlikely to have contained personal information.  They contained training material:

Over the weekend, unauthorized persons entered a data closet in a remote location that BlueCross BlueShield of Tennessee still leases for training purposes (Eastgate Town Center). They removed some computer equipment, including small hard drives containing encoded data. [wdef.com]

Ah, look at that--my gut feeling was right: the drives were using encryption.  Even more good news.

Update, 31 NOV 2009

"We have confirmed that the hard drives contained encoded data recordings and certain protected health information. May have included the member’s name and ID number. May have included the member’s date of birth or Social Security Number."

The above is the latest announcement from BCBS in TN.  However, note that the use of encryption is still true.

Update, 01 DEC 2009

Looks like I jumped the gun there.  The information was encoded but not encrypted.  That is highly disappointing.


Related Articles and Sites:
http://www.wreg.com/sns-ap-tn--missingharddrives,0,775043.story
http://www.chattanoogan.com/articles/article_160397.asp
http://wdef.com/news/stolen_hardware_update_bluecross_says_unlikely_that_personel_information_has_been_compromised/10/2009

 
<Previous Next>

Missing Blue Cross Blue Shield Computer Update

Data Encryption: BlueCross BlueShield Breach Prompts Affiliates' Notifications

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.