Mar 25

11 Million people exposed in Premera Health Insurance hack

11 Million people exposed in Premera Health Insurance hack

Premera Blue Cross is large American insurer and the latest to admit to being hacked. This is the second major hack of a large health insurance company so far in 2015. In January, hackers stole similar personal information on 80 million people from insurance giant Anthem.

The Premera servers were initially infiltrated on May 5, 2014, but this was not discovered until January 29 this year.

Premera announced that hackers “may have” accessed millions of health profiles that included Social Security numbers, birthdays, emails, physical addresses, bank account information, clinical information and detailed insurance claims. This data is a about current and past customers, dating back to 2002.

A number of affiliates and related firms were was affected by the hack including Vivacity provides workforce wellness services and Connexion Insurance Solutions caters to individuals and small businesses.

In accordance with state laws Premera are now mailing data breach notification letters to the 11 million people whose information was exposed. Questions about the investigation are being referred to FBI agents in Seattle who are now investigating the incident. FBI spokeswoman Ayn Dietrich-Williams said agents are currently working “to determine the nature and scope of this incident.”

The cybersecurity firm Mandiant has been hired as a consultant to investigate the hack. In these types of cases, the FBI often relies on clues discovered by Mandiant, which is owned by FireEye (FEYE), and vice versa.

Premera CEO Jeff Roe’s apology statement repeated what’s become an all-too-familiar template for companies that lose client data: “The security of Premera’s members’ personal information remains a top priority. We at Premera take this issue seriously and sincerely regret the concern it may cause.”

Premera also said it “is taking additional actions to strengthen and enhance the security of its IT systems moving forward.”

There is no information provided on how hackers gained access and what has happened to the data. This type of information normally appears on black markets, where identity thieves can buy packaged profiles.