According to a statement issued by Premera Blue Cross, a hacker was able to gain unauthorized access to its Information Technology (IT) systems. The company’s internal investigation further revealed that the initial attack occurred nearly Nine months prior to its discovery at the end of January 2015.
As part of its investigation, Premera has notified the FBI and is coordinating with the Bureau’s investigation into this attack and is working with a cybersecurity firm to remove the vulnerability which lead to the attack.
“The security of Premera’s members’ personal information remains a top priority. We at Premera take this issue seriously and sincerely regret the concern it may cause,” said Jeff Roe, Chief Executive Officer, Premera. “As much as possible, we want to make this event our burden, not that of the affected individuals, by making services available today to help protect people’s information.”
This incident affected Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and its affiliate brands Vivacity and Connexion Insurance Solutions, Inc. Premera’s investigation determined that the attackers may have gained unauthorized access to members’ information, which could include members’ name, date of birth, Social Security number, mailing address, email address, telephone number, member identification number, bank account information, and claims information, including clinical information. Individuals who do business with Premera and provided the company with their email address, personal bank account number, or Social Security number are also affected.