From startribune.com
Blue Cross Blue Shield of Minnesota is working rapidly to shore up its cybersecurity defenses after an internal whistleblower raised alarm that the state’s largest health insurer had long neglected thousands of important updates.
Internal documents show that Minnesota Blue Cross allowed 200,000 vulnerabilities classified as “critical” or “severe” to linger for years on its computer systems, despite stark warnings to executives. Software patches were available to fix most of the weak points.