• Blue Cross and Blue Shield of Louisiana compromised sensitive personal information of 1,700 brokers, including:
• Social Security numbers; and
• phone numbers and addresses.

Relevance to Business Activities:

• data loss prevention considerations:
• the information was accidentally attached to a general e-mail to brokers about software upgrades:
• the brokers receiving the e-mail were the same ones whose information was exposed; and
• no customer information was involved.

• breach response considerations:
• Blue Cross:
• recalled the e-mail within moments of sending it;
• notified brokers of the error;
• requested recipients delete the information and confirm with Blue Cross that they had done so;
• apologized for the incident;
• has taken steps with its technology systems to ensure such an error does not occur again; and
• is offering free credit monitoring for 12 months.

Source Document:

http://www.businessinsurance.com/cgi-bin/news.pl?post_date=2008-09-30&id=14084