The Washington State Attorney General announced to day that Premera/Blue Cross has been the target of a major data breach.
The breach affected Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and its affiliated companies, Vivacity and Connexion Insurance Solutions, Inc. It impacts millions of individuals in Washington, Oregon and Alaska.
It is unclear at this time what information was taken, but it may have included Social Security numbers, dates of birth, mailing and email addresses, telephone numbers, member identification numbers, bank account information and claims information (which includes medical information). The Federal Bureau of Investigation is working with Mandiant, a cybersecurity firm, to find out more about the attack and who was behind it.
“I’m very concerned about this and other data breaches that put Washingtonians at risk,” Attorney General Bob Ferguson said. “My team is looking into what happened, and we will do everything we can to protect consumers.”
The breach was discovered Jan. 29 and Premera has determined that the breach was the result of a May 5, 2014 cyberattack.
The company is offering two years of credit monitoring to all customers, ID theft restoration services and ID insurance through Experian. Customers can visitwww.Premeraupdate.com to sign up for the services.
Premera/Blue Cross reports it is in the process of setting up a dedicated call center to handle breach-related questions. Affected consumers will also receive notices.
The source of the attack is not yet known.
For more information, visit www.Premeraupdate.com.
The Legislature is currently considering Attorney General-request legislation to strengthen notification requirements when data breaches occur. HB 1078 passed the House March 4 and is now before the state Senate.
For more information on how to protect yourself from identity theft and how to recover, visit www.atg.wa.gov/identity-theftprivacy.