BCBS of Massachusetts Reports Third-Party Vendor Data Breach | TechTarget. BCBS of Massachusetts reported a third-party vendor data breach involving its pension plan payment vendor. Blue Cross and Blue Shield (BCBS) of Massachusetts began notifying 4,855 individuals of a third-party vendor data breach, a notice on the Maine Attorney General’s Office website stated. The breach originated at LifeWorks US, a vendor used by BCBS of Massachusetts and BCBS of Massachusetts HMO Blue for services related to pension plan payments. Third-party company: LifeWorks US.