Not-for-profit health insurer Premera Blue Cross said a data breach occurring about nine months before detection gained access to personal information of about 11 million people.
Premera said it discovered on January 29 that hackers has “executed a sophisticated attack to gain unauthorized access to our information technology systems,” which includes brands Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska and affiliate brands Vivacity and Connexion Insurance Solutions Inc.
The Washington-based insurer said its investigation, working with cybersecurity firm Mandiant, has revealed hackers gained access to names, birthdays, email addresses, addresses, telephone numbers, Social Security numbers, member identification numbers, bank account information claims information and clinical information of members, employees and other people the insurer does business with, said Jeff Roe, president and CEO in an online video statement.
According to its website, Premera members include Starbucks, the University of Alaska and the Washington Education Association.
Premera said it notified the FBI, which is also investigating the breach. The insurer said it cleansed the IT system of issues from the cyberattack and is “taking additional actions to strengthen and enhance” its IT security.
With about 6 million customers in Washington, Premera is the largest health-insurance provider in the state. Insurance Commissioner Mike Kreidler said: “I shared my immediate concern that consumers be notified as soon as possible about this data breach and that Premera make all resources available to protect consumers’ personal data. I’m concerned that while Premera learned of this attack in January, it took approximately six weeks to notify my office.”
Premera said it has no evidence the information accessed by the breach has been removed from the IT system or used inappropriately.
According to reports, the hacking of Premera may have used the same methods used in the cyberattack against Anthem, the nation’s second-largest health insurer. Cybersecurity firm ThreatConnect said the hacking of Anthem was China-based. It exposed the information of nearly 80 million people.
“The Anthem breach exposes the insidious reality of modern Chinese cyber espionage as it continues its unrelenting strikes at the soft underbelly of the American way of life,” said ThreatConnect, who adds some of the same techniques were used on Premera.