<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=192888919167017&amp;ev=PageView&amp;noscript=1">
Thursday, March 28, 2024
March 28, 2024

Linkedin Pinterest

Multistate probe to look into Premera cyberattack

The Columbian
Published: March 25, 2015, 12:00am

OLYMPIA — Washington state’s insurance commissioner announced Tuesday a multistate investigation into this winter’s cyberattack on Premera Blue Cross.

Insurance Commissioner Mike Kreidler said he plans to work with his counterparts in Alaska and Oregon to look into operations at Premera, which is based in Mountlake Terrace. The investigation will explore the cyberattack disclosed by Premera last week, in which hackers accessed the personal information of 11 million consumers, including 6 million in Washington, between May 2014 and the exploit’s Jan. 29 discovery.

“I remain seriously concerned at the amount of time it took Premera to notify its policyholders of the breach,” Kreidler said in a statement announcing the investigation. “When you buy and use your insurance, you share your personal information with the company and you expect it to be protected during those transactions.”

The scope of the investigation may also include the extent of the financial damage done, steps taken to prevent a future attack and other cybersecurity aspects of the attack, Kreidler said. No timeline was given for the investigation, which will involve on-site reviews of Premera’s books and activities. Additional states could join the investigation team as it explores how far the security breach affected other members of the “Blue Card” system, which is Premera’s national provider network.

Oregon insurance officials said Tuesday the breach exposed personal identification from 250,000 people who belong to the Lifewise Insurance Plan of Oregon, a Premera subsidiary.

“Oregon takes the protection of personal identifying information very seriously, and this investigation will closely scrutinize the data security practices of Lifewise,” Oregon Insurance Commissioner Laura Cali said in a statement.

After the March 17 announcement of the cyberattack, Premera said it would provide two years of credit monitoring and identity theft protection services to anyone affected. The FBI is investigating the attack, and Premera has also hired the security firm Mandiant to investigate what happened and help repair its systems.

In Alaska, where an estimated 700,000 insurance consumers were affected, including 80,000 current and former state employees, Gov. Bill Walker last week encouraged enrollment in the protection services Premera offered to victims.

Loading...