Premera Blue Cross Breach Leaves 11 Million Customers With Possibly Compromised Data

Another day, another breach – this time another health care services provider. Premera Blue Cross disclosed earlier this week that their network has been hacked, leaving the financial and medical records of 11 million customers at risk. Also in the deja vu theme: once again the intrusion is thought to be connected to state-sponsored cyber criminals out of China.

“Our investigation determined that the attackers may have gained unauthorized access to applicants and members’ information, which could include member name, date of birth, email address, address, telephone number, Social Security number, member identification number, bank account information, and claims information, including clinical information. This incident also affected members of other Blue Cross Blue Shield plans who sought treatment in Washington or Alaska,” the company wrote on the site they have set up to address breach questions. “Individuals who do business with us and provided us with their email address, personal bank account numbers or Social Security numbers are also affected. The investigation has not determined that any such data was removed from our systems.  We also have no evidence to date that such data has been used inappropriately.”

The firm also confirmed that the attack was first discovered in late January, and that the system seems to have been first compromised in May 2014.

“This incident affected Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and our affiliate brands Vivacity and Connexion Insurance Solutions, Inc,” the company said.

The company also notes that it will soon begin informing affected customers via postal mail, and that through Experian they will be offering two years of credit monitoring.

Security firm Mandiant and the FBI are collaborating on this latest health care breach. The FBI confirmed their investigation, but had no comments on it, due to its status as ongoing.

“Cybercrime remains a significant threat and the FBI will continue to devote substantial resources and efforts to bringing cyber criminals to justice,” the FBI said in an emailed statement to security blogger Brian Krebs.

There are indications that this may be the work of the Chinese espionage group – known as Deep Panda in some circles –  that was responsible for the Anthem breach.  

More on this story as it develops. Stay tuned.