FBI Investigating Cyberattack On Health Insurer That Could Affect 11 Million

The hacks first gained access to personal data last year.

ByMike Levine and Shahriar Rahmanzadeh
March 17, 2015, 4:26 PM
PHOTO: The Premera Blue Cross entrance is seen in this file photo.
The Premera Blue Cross entrance is seen in this file photo.
Kim Crompton/Spokane Journal

— -- The FBI is investigating a massive cyberattack on the Premera health insurance company that may have compromised the personal information, including critical bank records, of nearly 11 million customers, the agency and Premera separately announced today.

So far, however, Premera has seen no signs that such data has been used “inappropriately,” the company said in a statement today.

Nearly seven weeks ago, Premera uncovered “a sophisticated attack to gain unauthorized access” to its systems, and the company later realized the attack was actually first launched on their systems in May 2014, according to the statement. Premera immediately notified the FBI and enlisted a leading cybersecurity firm, Mandiant, to help remove “infection” created by the attack, the statement added.

The FBI applauded Premera for “quickly notifying” the U.S. government, saying the company’s response “is a model for other companies facing cyber intrusions, as rapid notification allows the FBI to quickly deploy our cyber experts to preserve evidence and work with a company's incident responders to help recover their networks.”

“Cybercrime remains a significant threat and the FBI will continue to devote substantial resources and efforts to bringing cyber criminals to justice,” FBI spokesman Joshua Campbell said in a statement.

In its own statement, Premera said it “sincerely regret[s]” any concern caused by the breach, and the company is beginning to mail letters to 11 million people potentially affected by the cyberattack, offering them two years’ worth of free credit monitoring and identity theft protection.

“[T]he attackers may have gained unauthorized access to members’ information, which could include members’ name, date of birth, Social Security number, mailing address, email address, telephone number, member identification number, bank account information, and claims information, including clinical information,” Premera said in its statement. “Individuals who do business with Premera and provided the company with their email address, personal bank account number, or Social Security number are also affected.”

Premera is associated with Blue Cross Blue Shield. According to the company, the intrusion affected Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and its affiliate brands Vivacity and Connexion Insurance Solutions.

ABC News Live

ABC News Live

24/7 coverage of breaking news and live events