Premera Cyber-Attack Update
On March 17, 2015, Premera Blue Cross announced that the company was the victim of a cyber-attack during which attackers gained unauthorized access to Premera’s information technology system.
Capital BlueCross systems were not impacted by, and were not part of, the attack on Premera’s system. Capital BlueCross and Premera are separate and distinct companies.
However, the Premera attack involved the information of members of other BlueCross and BlueShield plans who sought treatment in Premera’s service area, which includes Alaska and Washington State. That is because 37 independent, locally operated companies across the U.S. form the BlueCross BlueShield system. This affiliation enables BlueCross and BlueShield customers to get the high-quality, affordable health care they need wherever they are. If you have not received health care services in Premera’s service area in Alaska and Washington State since 2002, your information should not be at risk.
The information involved in the Premera incident dates back to 2002. According to Premera, attackers may have gained unauthorized access to members’ information, which for any of our affected members, could include name, date of birth, address, Social Security number, member identification number, and claims information, including clinical information. No credit card or financial information was included. More information about this incident can be found at www.premeraupdate.com.
Letters will be mailed to all affected individuals and they will be provided with two years of free credit monitoring and identity theft protection services. Any individual who believes they may have been affected by this breach and wants to enroll in these services, prior to receiving their letter, may do so by following the instructions for enrollment found at: www.premeraupdate.com.
Capital BlueCross’ Commitment to Information Security
Protecting member information is of the utmost importance to Capital BlueCross and we maintain a vigilant data security program.
From state-of-the-art technology, to continuous monitoring of our systems, we work to ensure that the best technical and administrative safeguards are in place. Additionally, we contract with third-party information security organizations and subject matter resources to provide continuous monitoring of our systems.
In light of recent attacks on other companies in the health insurance industry, Capital BlueCross also has undertaken additional actions to strengthen the company’s information technology syste ms and data security program.