CHATTANOOGA, Tenn. — A significant data security breach has affected around 1,650 members of BlueCross BlueShield of Tennessee (BCBST), linked to information managed by Berkeley Research Group, LLC (BRG). This global consulting firm had previously supported BCBST and other Blue Cross and Blue Shield Plans in a legal case, necessitating access to member information.
The incident came to light on December 15, 2025, after BCBST was alerted to the involvement of its members. BRG conducted a thorough analysis over several months to identify those affected. Thankfully, so far, no instances of fraud or identity theft related to the breach have been reported. The specific data that may have been accessed varies among members but could include:
- Name - Health insurance carrier - Member ID and group number - Patient account number - Medical provider name
%20(1)%20(1).webp)
In response to this incident, BRG is directly notifying the impacted members with detailed information pertinent to their situation.
The breach was identified on March 2, 2025, when BRG noticed suspicious activities on its network. Following this discovery, the firm enlisted assistance from leading cybersecurity experts, ultimately determining that unauthorized access occurred briefly between February 28 and March 2, 2025, during which certain member information was copied.
In reaction to this threatening situation, BRG took swift measures to secure its systems. "Upon discovering the incident, we acted quickly, implemented improved threat detection, rotated credentials, and rebuilt the compromised environments under expert guidance," said a spokesperson from BRG. The company has indicated that there has been no further suspicious activity since the breach and has been cooperating with law enforcement and regulatory authorities to mitigate the fallout.
As an additional precaution, BRG is offering two years of complimentary identity monitoring services through Kroll. These services include credit monitoring, fraud consultation, and identity theft restoration. Eligible members will receive instructions on how to enroll along with a unique membership number via mail. BCBST urges its members to stay vigilant and regularly monitor their credit reports for any unusual activity.
For any inquiries regarding the incident, members can reach out to BRG’s dedicated assistance line at (866) 291-2114 on weekdays from 9 a.m. to 6:30 p.m. ET, excluding holidays.
In light of these developments, BCBST maintains its commitment to protecting member information and intends to continue supporting BRG as it finalizes its response to this incident.
About BCBST: BlueCross BlueShield of Tennessee serves over 3.3 million members across the state and nationwide, operating as a taxpaying, not-for-profit health plan based in Chattanooga since 1945. As an independent licensee of the BlueCross BlueShield Association, BCBST has been a trusted healthcare provider for 80 years. For more details, please visit their news center at bcbstnews.com or their website at bcbst.com.
The focus moving forward will be on transparency and swift action in addressing potential vulnerabilities exposed by this incident, reassuring members about their security and the integrity of their information.