Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors


Excellus Data Breach Investigation

Goldman Scarlato & Penny, P.C. is investigating a possible claim on behalf of persons whose private information was compromised as a result of a data breach announced by health insurance provider Excellus BlueCross BlueShield (“Excellus”) on September 9, 2015.

According to news reports, “Excellus is the largest health insurer in the Rochester, N.Y., region with customers in multiple counties across New York. Other affiliates believed to have been breached include MedAmerica and Univera Healthcare.”

Excellus learned of the attack in August 2015 and in its announcement this week, admitted that its data systems had been hacked as far back as December 2013. It is believed that 10.5 million personal records were stolen, some of which were through Excellus’ parent company, Lifetime Healthcare Companies.

According to the company, thieves gained unauthorized access to personal data of Excellus’ current and former customers. The data they accessed included: names, social security numbers, addresses, email addresses, telephone numbers, financial information, and medical claims.

The Excellus data breach is the latest in a string of data breaches affecting large health insurance companies. For example, in February 2015, Anthem Inc., the second largest health insurer in the country, announced a data breach that exposed the personally identifiable information (commonly referred to as “PII”) of almost 80 million of its customers and employees. Then in March 2015, Premera Blue Cross announced a data breach that exposed the PII of 11 million customers and employees.

Unfortunately, how the stolen data might impact Excellus’ current and former customers will take some time to be revealed. As we saw with the March announcement of the Premera Blue Cross data breach, and the February announcement of the Anthem Inc. data breach, repercussions can be frightening. Coinciding with those two breaches were an alarming number of reports of stolen social security numbers being used to file false tax returns and claim refunds in the names of the persons whose identity was stolen. Potential fraudulent activity could also include health care fraud and obtaining credit cards in someone else’s name.

Following on the footsteps of the recent data breach, Excellus is offering two years of free credit monitoring and identity theft protection to its customers. However, these remedial actions come too late. Once the sensitive personal data of customers has been stolen, it is usually only a matter of time before the repercussions will be seen. In many cases, fraud stemming from the hack will continue long after the two years of credit monitoring has passed.

If you receive a notice from Excellus that your information was stolen or if you believe that you are a victim of the Excellus data breach, please contact a GSP attorney to learn more about your rights. GSP attorneys are actively litigating data breach actions against Community Health Systems, Anthem, Premera, Intuit, United Shore and Target. Please contact Mark Goldman at or Paul Scarlato at or call (484) 342-0700 with any questions you may have.

In our legal system, every person is innocent until and unless found guilty by a court of law or a tribunal. Whenever we reference “allegations” or charges that are “alleged,” such allegations or charges have not been proven, and are merely accusations, not findings of fault, as of the date of the blog. We do not have, nor do we undertake, a duty to continue to monitor or follow cases about which we report, and/or to publish subsequent updates regarding various developments that may occur in such cases. Readers are encouraged to conduct their own research regarding any such cases and any developments that may or may not have occurred in such cases. Also, the brokercheck report linked to some of our blogs is the up-to-date version as of the date of accessing. Visitors may check the most recent version of each brokercheck report at

Leave a Reply