MINNEAPOLIS (AP) — Blue Cross Blue Shield of Minnesota is scrambling to improve its cybersecurity after an internal whistleblower raised concerns that the state’s largest health insurer has neglected thousands of important updates to its computer system.
The company’s top cybersecurity executive, Amy Ecklund, says the insurer has been working diligently in recent weeks to reduce its vulnerability for a cyber attack.
Internal documents show the company has allowed 200,000 vulnerabilities deemed “critical”or “severe” to linger for years on its computer systems, despite warnings to executives.
Software patches were available in most cases to fix the issues.
Blue Cross insures 2.8 million people.