If you get your health insurance coverage through Premera Blue Cross, your personal information could be at risk. A recent cyberattack exposed data related to 11 million customers. It's not nearly as large as the Anthem breach that occurred a few months ago, but this time around hackers accessed even more sensitive information like birth dates, bank account numbers, Social Security numbers and even medical records.
Medical records are highly valuable on underground criminal exchanges where stolen data is sold because the information is not only highly confidential, it can also be used to engage in insurance fraud.
The hack affects customers from Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, Vivacity and Connexion Insurance Solutions. This is the largest hack on record that includes medical information, and that's significant because that type of data can fetch big bucks in the criminal underworld. The information stolen in this hack can easily be used to commit identity theft.
Dave Kennedy, chief executive of TrustedSEC and an expert in healthcare security, explained.
“Medical records paint a really personal picture of somebody’s life and medical procedures,” Kennedy said. “They allow you to perpetrate really in-depth medical fraud.”
The insurance company is now working with both the FBI and cybersecurity firm FireEye to uncover more details about the hack. Premera is also offering free credit monitoring services for customers to help them protect their information and look out for signs of fraud.
“We at Premera take this issue seriously and sincerely regret the concern it may cause,” Chief Executive Jeff Roe said in a statement.
Hacked businesses usually offer credit monitoring services to affected customers for up to a year following a cyberattack. However, that might not be enough, because identity thieves often sit on this type of information for quite a while before using it.