“Up to 11,000,000 member names, Social Security numbers, dates of birth, addresses, phone numbers, email addresses, member identification numbers, financial and medical claims details possibly accessed by hackers”
Now this isn’t as big as the Anthem breach (80,000,000) but still very substantial. Here is the post from techcrunch.
Another U.S. health insurer has experienced a significant data breach. On Tuesday, Premera Blue Cross confirmed that it had been the victim of a cyberattack which may have exposed the private information belonging to its 11 million customers, including their bank account numbers, Social Security numbers, birth dates, emails, addresses, phone numbers, and even their claims and clinical information.
The company says that the attack began on May 5 of 2014, but it wasn’t discovered until January of this year. In a statement posted the insurer’s website, the incident is described as affecting Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and its affiliate brands Vivacity and Connexion Insurance Solutions, Inc.
While the attackers may have gained unauthorized access, Premera says it has not determined that the data was removed from its systems, nor has it yet been found to have been used inappropriately. However, the company is offering all affected parties two years of free credit monitoring and identity protection services as a precaution, and warns potential victims that it won’t email them or make unsolicited phone calls regarding the incident.
Unfortunately for cyber hacking victims, other scammers often follow on attacks like this with their own attempts at extracting private data through phishing schemes and social engineering tactics – as was the case shortly after the Anthem data breach.
As you likely recall, in February 2015, the nation’s second-largest insurer Anthem also saw attackers steal the personal information belonging to likely tens of thousands of customers, and soon after, these same victims were targeted with various phishing schemes.
While Premera’s attack may have been smaller in scale than Anthem’s, which saw over 70 million members affected to Premera’s 11 million, experts speaking to Reuters are now saying that it’s the largest breach involving patient medical information. Neither Anthem or the hospital operator Community Health Systems, which was breached last year, believed their attackers had gained access to medical information, that is.
In addition, 6 million of the 11 million customers were Washington state residents, and include those working at a number of large businesses, including Amazon, Microsoft and Starbucks.