Health insurer Premera Blue Cross announced that it was targeted in a cyber attack that compromised the personal information of up to 11 million customers.
On Jan. 29, 2015, the insurer discovered that cyber criminals gained unauthorized access to the company's IT systems. A more thorough investigation revealed that the initial attack took place on May 5, 2014. The insurer notified the FBI, and cyber security firm Mandiant is also investigating the incident.
Hackers may have gained unauthorized access to applicants and members' information, including member name, date of birth, email address, address, telephone number, Social Security number, member identification numbers, bank account information and claims data, as well as clinical information. This could impact customers dating back to 2002.
The company said that while it appears hackers may have gained access to this information, there's no evidence that the information has been used illegally.
The breach affected Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska and affiliate brands Vivacity and Connexion Insurance Solutions. It also impacted Blue Cross Blue Shield customers who sought treatment in Washington or Alaska.
Premera has started mailing letters to potential victims. It is also providing two years of credit monitoring and identity theft protection services, as well as identity theft insurance, to those that may have been affected. A call center will also be available to customers.
“I recognize the frustration that the news of this cyber attack may cause," Jeff Roe, president and CEO of Premera wrote in an online statement on PremeraUpdate.com. “The privacy and security of our members' personal data is a top priority for us."
Investigators are trying to determine who is behind the cyber attack. According to KrebsOnSecurity.com, there are indicators that this breach might have been the work of state-sponsored espionage groups based in China. The security firm Mandiant that has been enlisted to help Premera in its investigation specializes in tracking and blocking attacks from state-sponsored hacking groups, particularly those based in China, Brian Krebs writes in his post.
Krebs also writes, “There are indicators that this may be the work of the Chinese espionage group tied to the breach disclosed earlier this year at Anthem, an intrusion that affected some 78 million Americans."
On another note, there haven't been any traces of the data from the Premera or Anthem breaches on Internet black markets used by identity thieves, which could support one theory that the Chinese are harvesting personal data on Americans whom they could target on spying operations, according to The Wall Street Journal.
Premera's employer clients include Microsoft Corp. and Starbucks Corp.