Health insurer Premera Blue Cross announced on Tuesday it was the victim of a cyberattack that may have collectively exposed more than 11M patients’ information including name, date of birth, phone number, social security number, and home address were taken. Premera first detected that cyberattackers had executed a sophisticated attack to gain unauthorized access to their IT systems on Jan. 29; however, after further investigation discovered the attack may have initially occurred last May.
The data breach impacts Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and affiliate brands Vivacity and Connexion Insurance Solutions, Inc. as well as Blue Cross Blue Shield plans who sought treatment in Washington or Alaska. Premera has notified the FBI and has fully cooperated with their investigation, as well as bringing on cybersecurity firm Mandiant to evaluate their systems and identify solutions.
“I recognize the frustration that the news of this cyberattack may cause. The privacy and security of our members’ personal information is a top priority for us. As much as possible, we want to make this event our burden, not yours, by making services available to protect you and your information moving forward.”
“We are providing two years of free credit monitoring and identity theft protection services, including identity theft insurance. You can sign up for these services today. All of us here at Premera have been affected by this attack and we understand and share your concerns. Please know that we’re committed to making sure you get the tools and assistance you need to help protect you,” Premera President and CEO, Jeff Roe said in a statement.
Six Weeks Incident Report Delay?
Washington’s insurance commissioner, Mike Kreidler expressed concern that it took Premera”approximately six weeks to notify my office” about the data breach about the incident was first detected. When asked about the six week delay, Eric Earling, a Premera spokesman stated the insurer was “strongly advised by experts it was important to complete the investigation and secure our systems” before making the attack public (Matthews/WSJ/3/18/15).
Premera is the latest target of cyberattacks after Anthem suffered a data breach affecting 80 million customers last month. Premera believes the two incidents were unrelated
“The caliber of breaches we are seeing today shows that traditional security tools alone aren’t enough. Businesses must be as nimble as the attackers and be able to adapt in real time to defend against evolving threats. It is not enough for health care providers to rely on a perimeter security solution for protection, because malware is changing faster than you can update today’s signature-based defensive technologies. In order to meet these increasing threats, it becomes imperative for organizations to invest in security mechanisms that include a deception-based security layer within their network. This provides the capability to detect advanced malware after it has penetrated your perimeter, capture it and then defend against it in the future,”said Carl Wright, general manager of TrapX. .