The hack attack on CareFirst may have compromised as many as 1.1 million of its customers out of the 3.2 million total customers, including their names, email addresses and birth dates. CareFirst says that as of not there is no information that the hackers accessed sensitive financial or medical information like Social Security numbers, credit card information and medical claims. CareFirst which is based in Maryland and has majority of customers in and around Washington, said the attack occurred in June and described it as “sophisticated.” Chet Burrell, CareFirst’s chief executive, said the company contacted the Federal Bureau of Investigation, which is investigating attacks against the insurers Anthem and Premera. “They are looking into it,” he said. It is now a well known fact that hackers and cyber criminals have shifted their focus from financial companies to healthcare sector because it offers more lucrative returns for them. The hackers target Insurance companies for medical information data which commands a premium over payment cards in the underground markets. While stolen credit card data fetch around $5 to $15 on the dark net forums, medical information of an individual can fetch upwards of $20. Though CareFirst hackers may not have got their hands on such medical information, prima facie it seems that the motive behind the hacking was medical information. In other recent attacks on insurers, hackers gained access to the Social Security numbers nearly 80 million Anthem customers and the Social Security numbers and bank account information of 11 million Premera customers.