News

Premera Blue Cross Breach Leaves 11 Million Customers With Possibly Compromised Data

Another day, another breach - this time another health care services provider. Premera Blue Cross disclosed earlier this week that their network has been hacked, leaving the financial and medical records of 11 million customers at risk. Also in the deja vu theme: once again the intrusion is thought to be connected to state-sponsored cyber criminals out of China.

“Our investigation determined that the attackers may have gained unauthorized access to applicants and members’ information, which could include member name, date of birth, email address, address, telephone number, Social Security number, member identification number, bank account information, and claims information, including clinical information. This incident also affected members of other Blue Cross Blue Shield plans who sought treatment in Washington or Alaska," the company wrote on the site they have set up to address breach questions. “Individuals who do business with us and provided us with their email address, personal bank account numbers or Social Security numbers are also affected. The investigation has not determined that any such data was removed from our systems.  We also have no evidence to date that such data has been used inappropriately.”

The firm also confirmed that the attack was first discovered in late January, and that the system seems to have been first compromised in May 2014.

“This incident affected Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and our affiliate brands Vivacity and Connexion Insurance Solutions, Inc,” the company said.

The company also notes that it will soon begin informing affected customers via postal mail, and that through Experian they will be offering two years of credit monitoring.

Security firm Mandiant and the FBI are collaborating on this latest health care breach. The FBI confirmed their investigation, but had no comments on it, due to its status as ongoing.

“Cybercrime remains a significant threat and the FBI will continue to devote substantial resources and efforts to bringing cyber criminals to justice,” the FBI said in an emailed statement to security blogger Brian Krebs.

There are indications that this may be the work of the Chinese espionage group - known as Deep Panda in some circles -  that was responsible for the Anthem breach.  

More on this story as it develops. Stay tuned.

——————————

PYMNTS TV LIVE OCTOBER SERIES: B2B PAYMENTS 2021 – WHAT WILL YOU CHANGE? 

Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border. Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.

Click to comment

TRENDING RIGHT NOW