Cyberattack impacts 11M

Premera Blue Cross, a health plan based in Mountlake Terrace, Wash., has been the target of a cyberattack of its IT systems, impacting 11 million.

The cyberattack affects Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska and the payer's affiliate companies Vivacity and Connexion Insurance Solutions. Members of other Blue Cross Blue Shield plans who received treatment in Washington or Alaska also may be affected, as are individuals who do business with Premera and provided the payer with their email address, personal bank account number or Social Security number, according to Premera.

Premera discovered the attack on Jan. 29, and investigations indicate the initial cyberattack occurred on May 5, 2014. While the "investigation has not determined that any data was removed from our systems," compromised information includes member names, birth dates, email addresses, addresses, telephone numbers, Social Security numbers, member identification numbers, back account information, claims information and clinical information, according to information on Premera's website.

Premera is offering two years free credit monitoring and identity theft protection services to anyone affected by this incident. "We worked with one of the world’s leading cybersecurity firms, Mandiant, to investigate the attack and remove the infection from our systems. We've taken additional actions to strengthen and enhance the security of our IT systems moving forward. We’re also coordinating with the FBI as they conduct their own investigation into the attack."

"The security of Premera's members' personal information remains a top priority. We at Premera take this issue seriously and sincerely regret the concern it may cause," said Premera CEO Jeff Roe in a statement. "As much as possible, we want to make this event our burden, not that of the affected individuals, by making services available today to help protect people's information."