Cyber attack on Premera Blue Cross leaked 11 million customer records

Premera Blue Cross, a health insurance provider, had been attacked last year by cyber criminals who may have revealed the medical data and financial information of 11 million customers, the company reported Tuesday.

The breach permitted hackers to have unauthorized access to customers’ personal information, including names, birthdates, Social Security numbers, and claims information during the May 2014 intrusion, said Premera, a health benefits provider in the Pacific Northwest. In addition, information leaked included bank account information, email addresses and telephone numbers, Premera said.

The attack was detected January 29. After Premera Blue Cross, the second target was Anthem. It claims to be the victim of a sophisticated cyber attack. Anthem affirmed that the attack on its servers consist of  the unencrypted personal information such as names, dates of birth, member IDs, and Social Security numbers of around 80 million current and former members and employees.

According to Premera the company is working with the FBI to investigate the breach but it has still not determined whether any information was detached from the servers or “used inappropriately.” The customer information that may have been exposed consist of dates as far back as 2002, Premera said.
Under the federal Health Insurance Portability and Accountability Act (HIPAA), health insurance companies are not required to encrypt the data stored on their servers. However it is still not confirmed whether the information disclosed in Premera’s hack was encrypted.

The sensitive information of customers held by health care organizations including Social Security numbers appears to be attractive to hackers who seek to steal identities.

There is a warning for health care companies by Law enforcement that they may face an increased risk of data breach attacks. After a cyber attack on US hospital group Community Health Systems in August, the FBI issued a flash warning to companies that it had observed “malicious actors targeting healthcare related systems,”  possibly to gain health care information or personal identification information, according to Reuters.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...

Digital Forensics Investigation using Autopsy In Kali Linux

Autopsy is one of the digital forensics tools use to investigate what happened on a computer. It offers a GUI access to variety of...