Premera Blue Cross Hacked: 11 Million Customers Could Be Affected

A man types on a computer keyboard in this illustration file picture. A barrage of damaging cyberattacks is shaking up the security industry, with some businesses and organisations no longer assuming they can keep hackers at bay, and instead turning to waging a guerrilla war from within their networks.
A man types on a computer keyboard in this illustration file picture. A barrage of damaging cyberattacks is shaking up the security industry, with some businesses and organisations no longer assuming they can keep hackers at bay, and instead turning to waging a guerrilla war from within their networks.KACPER PEMPEL / Reuters

Breaking News Emails

Get breaking news alerts and special reports. The news and stories that matter, delivered weekday mornings.

Health insurer Premera Blue Cross was the target of a major cyberattack, and personal or health data for as many as 11 million people may have been compromised, the company announced Tuesday.

Premera said Tuesday hackers gained "unauthorized access" to its systems in a "sophisticated attack" that began May 4, 2014. Just last month, health insurer Anthem disclosed a major breach that may have affected as many as 80 million records.

The Premera attackers may have accessed several types of data for 11 million individuals, including: name, date of birth, Social Security number, mailing address, email address, telephone number, member identification number, bank account information, and claims information, including clinical information.

The customer information that may have been compromised dates back to 2002, Premera said.

The attack affected customers of Premera Blue Cross -- which provides health plans in the Pacific Northwest and is part of the Blue Cross Blue Shield Association -- as well as Premera BCBS of Alaska and affiliate brands Vivacity and Connexion.

The people affected may also include "Individuals who do business with Premera" and gave the company their email addresses, bank account numbers or Social Security numbers.

The Federal Bureau of Investigation has been investigating the attack, Premera said, and the company also worked with cybsecurity firm Mandiant to assess the situation.

Premera will mail letters to the 11 million people affected starting on Tuesday –- those affected should receive a letter by April 20 -- and those people will be eligible for two years of free credit monitoring and identity theft protection services. Premera is posting information and updates about the attack at premeraupdate.com.

IN-DEPTH

Breaking News Emails

Get breaking news alerts and special reports. The news and stories that matter, delivered weekday mornings.
MORE FROM news