Premera Blue Cross has just disclosed that it had been hacked since May 5, 2014 causing a data breach that was only discovered on January 29, 2015. As a result of the hacking, by presently undetermined hackers (although early indications again point the finger at Chinese hackers), a treasure trove of information was compromised including customers’ names, date of birth, email addresses, addresses, telephone numbers, member identification numbers, Social Security numbers, bank account information, contact information and even claims data. The data breach includes customers of Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska and its affiliates Vivacity and Connexion Insurance Solutions affecting as many as eleven million people. This data puts the victims of this data breach in serious danger of identity theft. The health care industry in general is extremely vulnerable to data breaches and was warned by the FBI to be on the alert for such attacks last summer. In my USA Today column of predictions for 2015 I also predicted that there would be major hacks in the health care industry this year http://www.usatoday.com/story/money/personalfinance/2014/12/20/cyber-hack-data-breach/20601043/
Data breaches in the health care industry are particularly dangerous to us all because they put us in danger of not just regular identity theft, but also medical identity theft which can corrupt your medical records and present the threat of receiving possibly deadly treatment because of incorrect information in your medical records.
Premera started sending letters to affected people on March 17th and are offering two years of free credit monitoring and identity theft protection services. For more information about this, you can go to Premera’s website at http://www.premeraupdate.com/ You can also call Premera with questions at 800-768-5817. Premera customers should also be wary of mail, emails or any other communications that they receive purporting to be from Premera because the hackers have the names, addresses and email addresses of Premera customers and may contact you electronically and attempt to lure you into clicking on links that may download keystroke logging malware that can steal all of the information from your computer and use it to make you a victim of identity theft. You are better off going to Premera’s real website at the address indicated above. Premera victims would also be wise to put a credit freeze on their credit reports. You can find information here on the Scamicide website as to how to do so. For those of us not affected, this data breach reminds us that whenever possible you should not provide your Social Security number to health care providers or anyone else with whom you do business unless there is an absolute need to do so.