Today, medical insurance providers LifeWise and Premera Blue Cross each reported, separately, that they had been the target of sophisticated cyberattacks, which initiated May 5, 2014. Premera will be notifying approximately 11 million affected customers; LifeWise 250,000. Neither organization has evidence that any customer data has been used fraudulently, and has not yet confirmed that any patient data has indeed been compromised.
They say attackers "may have gained unauthorized access to" members' information, including name, date of birth, Social Security number, mailing address, email address, telephone number, member identification number, bank account information, and claims information, including clinical information.
Individuals who do not have medical insurance through these companies, but do other business with them, might have had their email addresses, banking data, or Social Security numbers exposed.
These attacks, when combined with the Anthem Healthcare breach reported last month and the Community Health Systems breach in the summer, clearly indicate that health insurance providers have become a popular new target -- and Chinese cyberespionage groups are being implicated.
Anthem first detected suspicious activity Jan. 27 and confirmed on Jan. 29 that an attack had occurred, over the course of several weeks in December 2014.
LifeWise and Premera also say they discovered their breaches Jan. 29 -- possibly as a result of Anthem sharing information about their own intrusion with HITRUST's Cyber Threat Intelligence and Incident Coordination Center. However, after investigations by Mandiant -- the same organization conducting the investigation at Anthem -- both Premera and LifeWise report that their first intrusions occurred several months earlier, in May.
Both Premera and LifeWise are providing two years of free credit monitoring and identity theft protection to affected individuals. More information is available at premeraupdate.com and lifewiseupdate.com.