Premera Blue Cross hack exposes 11M

Breach is the second largest to hit healthcare, after Anthem
By Mike Miliard
09:52 AM
Share
Computer hack

In what looks to be becoming a trend, another health plan has been targeted with a "sophisticated cyberattack," with hackers gaining access to the financial and medical information of 11 million members.

Washington state-based Premera Blue Cross, a not-for-profit plan whose corporate clients include Pacific Northwest giants Microsoft and Starbucks, announced the breach, which was detected in January, on March 17.

The attackers – who some have suggested may be the same Chinese spies suspected in the massive Anthem breach revealed this past month, gained access to to a plethora of personal data. The Anthem breach compromised the information of nearly 80 million people.

[See also: Hackers swipe Anthem data in massive cyberattack]

"That information could include names, dates of birth, addresses, telephone numbers, email addresses, Social Security numbers, member identification number, medical claims information and financial information," according to Premera.

"It’s important to note that our investigation has not determined that data was removed from our systems," officials added. "We have no evidence at this point that any of the data that may have been accessed during this attack has been used inappropriately."

The health plan is cooperating with the FBI in its investigation, and is also working cybersecurity firm Mandiant "to both investigate the attack and cleanse our IT system of the infection created by that attack."

Moreover, it is offering members two years of free credit monitoring and identity protection services from Experian, and "taking additional steps to strengthen and enhance the security of our IT systems moving forward."

"I recognize the frustration that the news of this cyberattack may cause," said Premera president and CEO Jeff Roe, in a statement. "The privacy and security of our members' personal information is a top priority for us. As much as possible, we want to make this event our burden, not yours, by making services available to protect you and your information moving forward."

Security experts say this attack – as with the many similar recent incidents that have come before it – should once again serve as a clarion call: Healthcare is in the crosshairs.

"While banks and financial institutions are the classic targets, these have been increasingly improving their security for the past five years, and like security professionals always say: attackers will find their way to the next available target on their list," said Shahar Tal, vulnerability research team leader at cybersecurity firm Check Point, in a press statement.

"Providers in this vertical should all heighten their alert status, proactively monitor their infrastructure for suspicious logs, and put protections in place that will prevent them from being the next target," he added.
 
The Premera breach "once again demonstrates the failure of flawed, outdated assumptions: over-reliance on 'guard the door' entry point security and early technologies such as simplistic single-key encryption schemes is a quaint and dangerous approach to a 21st century problem," added Richard Blech, CEO of Secure Channels, in a statement.

"To be an entrusted safe-keeper of private and sensitive consumer information," he said, "an insurer or provider has to protect said data by encrypting it."