Welp, here we go again. Health insurer Premera Blue Cross announced on Tuesday night that it had been hacked, and that 11 million customers could be affected by the breach. For some people, the hackers had access to both financial and medical data. The number affected may not seem like much compared with the 80 million people who had records compromised in the Anthem breach announced last month, but that's just your apathy talking.
Premera, a Washington state nonprofit, detected the hack on Jan. 29, but the attack seems to have occurred earlier, on May 5 of last year. On a website specifically for disseminating information about the hack, Premera said that names, birthdays, email addresses, physical addresses, telephone numbers, Social Security numbers, member IDs, bank account information, medical information, and insurance claims may all have been exposed in the breach. Premera will notify all affected customers by (snail) mail, and will offer two years of free credit monitoring to each of them. Major clients, according to the Wall Street Journal, include Microsoft and Starbucks.
Premera is working with the cybersecurity firm Mandiant and the FBI to investigate the breach. Some suspect that the attack was state-sponsored by China. Brian Krebs, who runs the cybersecurity blog Krebs on Security, wrote in a post, "There are indications that this may be the work of the Chinese espionage group tied to the breach disclosed earlier this year at Anthem."
When asked about potential Chinese involvement in the hack, Zhu Haiquan, a Chinese Embassy spokesman, told the Journal that, “Chinese laws prohibit cyber crimes of all forms. ... Jumping to conclusions … is not responsible and counterproductive.”
Mark Stamford, the founder and president of cybersecurity firm OccamSec (which isn't investigating the Premera hack), cautions against the assumption that state-sponsored hacks are always to blame. "There probably aren't as many nation-state attacks going on as we're publicly being made aware of," he said. "If you're a nation-state you're more likely to try and gain access to assets that are going to give you useful information over a long time."
Stamford also highlights a growing trend where companies focus on their reaction to large-scale hacks instead of investing in prevention. "These hacks haven’t been some sort of supertechnical from-the-future attacks," he said. "Usually someone has a weak password, someone clicks on a phishing email ... and that just opens the door."