On July 19, 2024, Qualtrics, LLC reported a data breach to the Attorney General of Montana. This breach, which impacted members of Blue Cross Blue Shield of North Carolina (BCBS NC), involved unauthorized access to confidential information. The leaked data included names, email addresses, demographic details, and health insurance information. Qualtrics’ investigation revealed that the breach stemmed from compromised credentials that allowed unauthorized access to BCBS NC customer accounts within Qualtrics’ system.
The breach was discovered on May 7, 2024, when Qualtrics identified suspicious activity involving unauthorized access to their customer account. Following this discovery, Qualtrics initiated an immediate review of the compromised data to assess the extent of the breach and identify affected individuals. By May 23, 2024, the company had determined which specific data was exposed and to whom, confirming that sensitive personal and health-related information was involved.
In response, Qualtrics began notifying affected individuals on July 19, 2024. These notification letters included details about the nature of the breach and the specific data that may have been compromised. The company also provided guidance on how recipients could protect themselves from potential identity theft and fraud, emphasizing the importance of monitoring personal accounts and credit reports.
Qualtrics, based in Provo, Utah, is a prominent CRM software provider specializing in data collection and analysis. The company serves a diverse range of clients with services designed for customer and employee experience management. With over 4,800 employees and annual revenues around $1 billion, Qualtrics has undertaken measures to enhance security and prevent future breaches, including a thorough review and update of their security protocols.
Reference: