Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Major US Health Insurer Hacked, Affecting 11 Million

Premera Blue Cross said Tuesday its computer network had been hacked, potentially exposing data from 11 million people, in the second recent such attack on a major US health insurer.

Premera said in a statement it discovered on January 29 “that cyberattackers had executed a sophisticated attack” to get into its computer network.

Premera Blue Cross said Tuesday its computer network had been hacked, potentially exposing data from 11 million people, in the second recent such attack on a major US health insurer.

Premera said in a statement it discovered on January 29 “that cyberattackers had executed a sophisticated attack” to get into its computer network.

An investigation found that the initial attack occurred on May 5, 2014. The company said hackers may have been able to access members’ name, dates of birth, social security numbers, email addresses, bank account data and medical claims information.

Including customers and contractors, the total number of people affected could be 11 million, Premera said.

The announcement by Premera came six weeks after a similar disclosure from Anthem Blue Cross, which said as many as 80 million customer records may have been compromised.

Premera said it was working with the FBI and the private security firm Mandiant “to conduct a comprehensive investigation of the incident and to remove the infection created by the attack.”

“The security of Premera’s members’ personal information remains a top priority. We at Premera take this issue seriously and sincerely regret the concern it may cause,” said Premera chief executive Jeff Roe.

“As much as possible, we want to make this event our burden, not that of the affected individuals, by making services available today to help protect people’s information.”

Last year, US retailer Home Depot said 53 million email addresses were stolen, months after fellow retailer Target said the personal data of 70 million customers was accessed.

Reports last month said China may have been behind the Anthem hack, a claim that was denied by Beijing.

Some experts say medical data can be even more lucrative to hackers than credit cards because they can create fake identities for other frauds schemes.

Premera manages health insurance under the Blue Cross name for customers in the northwest United States.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Incident Response

Implementation of security automation can be overwhelming, and has remained a barrier to adoption