Cyber Incident Victim: Blue Cross and Blue Shield of Florida

On June 8, 2021, Florida Blue’s IT security team identified multiple unauthorized login attempts targeting the insurer’s online member portal. The Jacksonville-based Blue Cross Blue Shield affiliate initiated an investigation that revealed a cyber-spoofing attack orchestrated by hackers leveraging a large database of compromised user credentials sourced from the internet. Attackers used these stolen usernames and passwords to impersonate legitimate members and gain improper access to the portal’s systems. Florida Blue confirmed the attackers successfully bypassed authentication controls during this credential-stuffing campaign, though the exact duration of unauthorized access prior to detection was not disclosed. The organization reported the breach to the U.S. Department of Health and Human Services (HHS) on July 1, 2021, designating it as affecting 30,063 individuals.

The compromised data included members’ contact information, health insurance policy details, claims records, and payment-related data. Florida Blue implemented enhanced technical controls for its web portal following the incident but did not specify the exact nature of these security upgrades. Affected members received notifications after the HHS filing and were offered two years of complimentary identity theft protection services. No evidence suggested misuse of exposed data beyond the initial unauthorized access, though the insurer acknowledged the potential risk of identity fraud stemming from the incident. The breach represented a targeted exploitation of reused credentials rather than a direct compromise of Florida Blue’s internal systems.