Premera Blue Cross, an independent licensee of the Blue Cross Blue Shield Association serving businesses and residents of Alaska and Washington state, announced today that it has been the victim of a broad-scale cyberattack. In response, the health care insurer says it will offer two years of free credit monitoring and identity theft protection services to individuals affected by the breach.
According to Reuters, the cyberattack may have exposed medical data and financial information of 11 million customers in the latest case of healthcare company reporting a serious breach.
It said the attackers may have gained access to claims data, including clinical information, along with banking account numbers, Social Security numbers, birth dates and other personal data in an attack that began in May 2014 and was uncovered on Jan. 29 of this year.
Victims of recent breaches in the healthcare system, including Anthem Inc and hospital operator Community Health Systems Inc, have said they believe the attackers did not access medical information.
Premera said it is working with the FBI and investigators from FireEye Inc to investigate the matter.
The attack affected Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and affiliate brands Vivacity and Connexion Insurance Solutions.
Premera is beginning to mail letters to approximately 11 million affected individuals today and is providing two years of free credit monitoring and identity theft protection services to those individuals. Premera also has established a dedicated call center for its members and other affected individuals. More information can be found at:www.premeraupdate.com. The information involved in this incident dates back to 2002 and individuals who believe they are affected by this cyberattack but who have not received a letter by April 20, 2015, are encouraged to call the number listed at that website.
Along with steps taken to cleanse its IT system of issues raised by this cyberattack, Premera is taking additional actions to strengthen and enhance the security of its IT systems moving forward.
Additional information about Premera’s response to this cyberattack can be found at www.premeraupdate.com. [24×7]