OLYMPIA — Washington state’s insurance commissioner announced Tuesday a multistate investigation into this winter’s cyberattack on Premera Blue Cross.
Insurance Commissioner Mike Kreidler said he plans to work with his counterparts in Alaska and Oregon to look into operations at Premera, which is based in Mountlake Terrace. The investigation will explore the cyberattack disclosed by Premera last week, in which hackers accessed the personal information of 11 million consumers, including 6 million in Washington, between May 2014 and the exploit’s Jan. 29 discovery.
“I remain seriously concerned at the amount of time it took Premera to notify its policyholders of the breach,” Kreidler said in a statement announcing the investigation. “When you buy and use your insurance, you share your personal information with the company and you expect it to be protected during those transactions.”
The scope of the investigation may also include the extent of the financial damage done, steps taken to prevent a future attack and other cybersecurity aspects of the attack, Kreidler said. No timeline was given for the investigation, which will involve on-site reviews of Premera’s books and activities. Additional states could join the investigation team as it explores how far the security breach affected other members of the “Blue Card” system, which is Premera’s national provider network.