Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Major US Health Insurer Hacked, Affecting 11 Million

Premera Blue Cross said Tuesday its computer network had been hacked, potentially exposing data from 11 million people, in the second recent such attack on a major US health insurer.

Premera said in a statement it discovered on January 29 “that cyberattackers had executed a sophisticated attack” to get into its computer network.

Premera Blue Cross said Tuesday its computer network had been hacked, potentially exposing data from 11 million people, in the second recent such attack on a major US health insurer.

Premera said in a statement it discovered on January 29 “that cyberattackers had executed a sophisticated attack” to get into its computer network.

An investigation found that the initial attack occurred on May 5, 2014. The company said hackers may have been able to access members’ name, dates of birth, social security numbers, email addresses, bank account data and medical claims information.

Including customers and contractors, the total number of people affected could be 11 million, Premera said.

The announcement by Premera came six weeks after a similar disclosure from Anthem Blue Cross, which said as many as 80 million customer records may have been compromised.

Premera said it was working with the FBI and the private security firm Mandiant “to conduct a comprehensive investigation of the incident and to remove the infection created by the attack.”

“The security of Premera’s members’ personal information remains a top priority. We at Premera take this issue seriously and sincerely regret the concern it may cause,” said Premera chief executive Jeff Roe.

“As much as possible, we want to make this event our burden, not that of the affected individuals, by making services available today to help protect people’s information.”

Advertisement. Scroll to continue reading.

Last year, US retailer Home Depot said 53 million email addresses were stolen, months after fellow retailer Target said the personal data of 70 million customers was accessed.

Reports last month said China may have been behind the Anthem hack, a claim that was denied by Beijing.

Some experts say medical data can be even more lucrative to hackers than credit cards because they can create fake identities for other frauds schemes.

Premera manages health insurance under the Blue Cross name for customers in the northwest United States.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cloud Security

VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.