Premera Blue Cross cyberattack affected 11 million people’s records
The company said it had been a victim of a “sophisticated” cyberattack in which its systems and databases were breached, and attackers may have also captured sensitive data on people’s claims and clinical information. The Washington-based company serves millions of customers across Washington, Oregon, Alaska and other states.
“As many as 11 million people were affected by the breach, including members and prospective members of our services and associated brands,” said the company in a statement.
A slew of personal information of members and applicants was taken, including names, dates of birth, email and postal addresses, phone numbers, Society Security numbers and bank account information.
“We also have no evidence to date that such data has been used inappropriately,” said the company.
— CNET (@CNET) March 18, 2015
The insurer discovered the attack on January 29 but said the initial attack began earlier on May 5, 2014, when hackers gained unauthorized access to the company’s information technology systems.
Premera said it has notified the FBI and is coordinating with its investigation into the attack.
“The privacy and security of our members’ personal information is a top priority for us. As much as possible, we want to make this event our burden,” said Jeff Roe, President and CEO of Premera.
The company is offering clients two years of free credit monitoring and identity protection services to anyone affected by the hack.
— Richard Blech (@RichardBlech) March 17, 2015
Cyberattacks have occurred at other healthcare systems companies. At the same time as the hack on Premera, the Anthem health insurance company had a breach were around 80 million customer records were stolen. An Anthem services operator, Community Health Systems, was also hacked and 19 million non-customer records were accessed, but the companies believe attackers did not have access to medical information.