Photograph by Getty Images

This big U.S. health insurer just got hacked

Sep 10, 2015

Excellus BlueCross BlueShield announced Wednesday that more than 10 million of its customers' information has been exposed in a massive cyberattack. The breach mainly affects residents of upstate New York, where the health insurance company is based.

The cyberattack is one of the 20 largest healthcare breaches ever reported, and it follows a string of other attacks on Blue Cross-affiliated companies nationwide, according to The Hill. Though the insurer didn't notice the breach until August of this year, the actual attack occurred in December 2013.

The attackers so far haven't used the information exposed, the report said, but they have access to customers' social security numbers, names, addresses, birthdates, financial information, and claims. Excellus is offering impacted customers two free years of identity-theft protection.

The attack is the latest uncovered in a string of high-profile healthcare cyberattacks this year. In February, the country's second-biggest insurer, Anthem, which provides plans in 14 different states, announced that a hack left 78.8 million people exposed. In March, Premera Blue Cross revealed that it had been the victim of an attack that exposed 11 million customers.

All products and services featured are based solely on editorial selection. FORTUNE may receive compensation for some links to products and services on this website.

Quotes delayed at least 15 minutes. Market data provided by Interactive Data. ETF and Mutual Fund data provided by Morningstar, Inc. Dow Jones Terms & Conditions: S&P Index data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. Terms & Conditions. Powered and implemented by Interactive Data Managed Solutions