March 19, 2015
If last year was the year of the retail security breach, this year it seems hackers have put insurers in the crosshairs. Premera Blue Cross, a major health insurer serving mainly the Pacific Northwest and Alaska, on Tuesday acknowledged a breach of its network security compromising the personally identifiable information—including bank account details—of up to 11 million customers. While the number of records affected is dwarfed by the recent Anthem breach , the Premera intrusion could be more costly. Information culled by the attackers during the breach, which the company became aware of on January 29, 2015 and had started in May of 2014, includes: member name, date of birth, email address, address, telephone number, Social Security number, member identification numbers, bank account information, and claims information, including clinical information, according to a Premera statement.
Premera provides healthcare for some of the most recognizable companies in the world headquartered in the Pacific Northwest including Microsoft and Starbucks. While the latest confirmation of a security breach has desensitized many to the serious ramifications that can result from breaches like this, merchants, banks and others can expect an increase in account takeovers and fraudulent credit-card signups.
Several reports have indicated that evidence exists suggesting the hack was state-sponsored, probably from China. From the perspective of merchants and most consumers that may be good. Speculation around why a country like China would be accessing health records centers not around monetization, but using the health information to embarrass or blackmail public figures.