Premera Blue Cross has revealed that it was the victim of a major data breach
Another health insurance company has revealed that it has been the victim of a major data breach from hackers. Premera Blue Cross has confirmed that hackers have breached its consumer database, with malicious attacks going as far back as May 2014. The insurer believes that the financial and medical information of 11 million people may have been exposed in the attack. If true, this would make the attack the largest of its kind against a health insurance company.
Health insurance provider is working with the FBI and a security firm to manage the issue
Premera Blue Cross suggests that there is no evidence that consumer information has been used in an inappropriate manner, such as being sold to third parties, as of yet. The company has been working with the Federal Bureau of Investigation and FireEye, a security firm, in order to handle the attack. The practical damage of the attack seems quite limited at this time, but it could be months before the health insurance provider understands the breadth of the damage caused by the event.
Cyber attacks are becoming a problem for the insurance industry
Major cyber attacks have been making headlines over the past few years. Anthem was recently the subject of such an attack, during which the information of millions of its customers was stolen. These attacks are highlighting the risks that exist in the digital world, which the insurance industry has yet to find a way to mitigate effectively. Insurers are well versed in managing risks, but the rate at which these risks evolve in the digital space is making mitigation difficult.
Federal laws could provide consumers with more protection
Premera Blue Cross did not become aware of the major data breach until January of this year. Within 47 days of becoming aware of the attack, the insurer had told all the clients it expects could have been affected by the event. The attack is drawing attention to an initiative from the federal government, which involves providing greater protection to those that have been victims of hacking.