HMSA Patient Data Hacked Again!

Previously, SMP Hawaii posted a fraud alert about a cyberattack on Anthem BlueCross BlueShield, which exposed patient records of HMSA members that received health care services on the mainland.

This time, hackers got into the database of Excellus BlueCross BlueShield in New York. If you are a current or former HMSA member, who received medical or hospital services in New York state as far back as 1993, the hackers may have accessed your personal information such as your name, date of birth, email and mailing addresses, telephone numbers, bank account information, and claims information. HMSA’s Compliance & Ethics Office informed SMP Hawaii that if your Hawaii doctor ordered lab services or medical equipment for you from New York, you also may be affected. In addition, HMSA once offered long-term care insurance from MedAmerica, an Excellus affiliate; so, if you bought this insurance product, you also could be affected by the cyberattack. HMSA told SMP Hawaii that Excellus confirmed Security numbers were not included in the data that was accessed.  However, we know numbers on Medicare cards are Social Security numbers.

If you think you could be affected by this cyberattack, HMSA advises you to sign up for free identity protection and credit monitoring services. You can call the Excellus hotline at 1-877-589-3331 toll-free or HMSA at 948-6404 on Oahu or 1-800-459-3963 toll-free. Go to HMSA’s website at for updates.


Protect Yourself. Stop the Hackers.

We don’t have evidence of hacked personal health information being exposed to the public or used to create credit cards, for example; but, it could happen. Do what you can as a consumer to block hackers from getting in. Be careful with your email. Pay attention to what you click on, open, and answer. The Federal Trade Commission is a good resource for information about scams and tips for protecting yourself. Go to