blue cross of new mexico data breach

Blue Cross and Blue Shield of New Mexico Data Breach: What You Need to Know

If you are a member of Blue Cross and Blue Shield of New Mexico, you may have received a letter informing you that your personal and health information was compromised in a data breach that occurred between May 30 and June 2, 2023.

The breach happened when an unauthorized party accessed the private health information of Blue Cross and Blue Shield members at a vendor of TMG Health, a company that used the compromised MoveIt health application in the course of providing administrative services to Medicare enrollees of HCSC Insurance Services Company, which contracts with the Centers for Medicare and Medicaid Services.

The breach also exposed the information of some members who are enrolled in Medicare Advantage plans.

Blue Cross and Blue Shield of New Mexico said the compromised member information potentially includes:

  • Social security numbers
  • Bank account information
  • Names
  • Addresses
  • Email addresses
  • Phone numbers
  • Dates of birth
  • Health insurance information, including medical claims information, billing information, and/or medical treatment information.

The insurance agency recently sent out letters to past and current members whose protected health information may have been impacted by the incident.

Members are also advised to monitor their credit reports, bank statements, and health insurance statements for any suspicious activity.

Blue Cross and Blue Shield said, “TMG is working closely with the vendor to ensure systems are updated to block these activities and prevent disclosures of this nature from occurring in the future,” and that law enforcement has been notified about the incident.

“Blue Cross and Blue Shield of Mexico takes the confidentiality of its members’ data very seriously,” a spokeswoman for the health agency, said in a statement. “Members are being provided with steps to take to help recognize identify theft and are being offered one-year of complimentary personal identity and privacy protection through a national leader in data breach response services.”

Data breaches are becoming more common and costly for businesses and consumers alike. According to a report by IBM Security, the average cost of a data breach in 2022 was $4.24 million, the highest in 17 years.

Data breaches can have long-term consequences for the victims, such as identity theft, fraud, and emotional distress.

If you are concerned about your online privacy and security, here are some tips to help you protect yourself:

  • Use strong and unique passwords for your online accounts and change them regularly.
  • Enable two-factor authentication whenever possible to add an extra layer of security to your login process.
  • Be wary of phishing emails and texts that ask you to click on links or provide personal information. Verify the sender’s identity and contact them directly if you are unsure.
  • Avoid using public Wi-Fi networks or devices to access sensitive information or perform financial transactions. Use a VPN service to encrypt your online traffic and hide your IP address.
  • Review your privacy settings on social media platforms and limit the amount of personal information you share online.
  • Check your credit reports annually for free at and report any errors or fraudulent accounts.
  • Freeze your credit files with the three major credit bureaus (Equifax, Experian, and TransUnion) to prevent unauthorized access to your credit history.
  • If you suspect that your identity has been stolen or compromised, report it to the Federal Trade Commission (FTC) at and follow the steps to recover your identity.

Your Legal Rights

Participants in data breach lawsuits can seek compensation, injunctive relief, and any other remedies a court deems appropriate.