Premara Blue Cross said it was hacked and now the private medical and financial data of up to 11 million customers may be exposed.
The hackers were actually able to break into customers’ claims and view banking account numbers, Social Security numbers and birth dates, as well as sensitive clinical information, Reuters reported.
This is the largest breach ever to involve the records of patients, said Dave Kennedy, a healthcare security expert who heads up TrustedSEC LLC.
Washington state customers were hit particularly hard. Roughly six million of the record breaches hailed from Washington, and included employees of Amazon, Microsoft Corp. and Starbucks Corp., Premara said. The remaining five million or so other affected customers come from a myriad of spots around the United States.
The cyberattack actually began in May 2014. Premara said investigators haven’t uncovered any actual instances of the hacked information being “used inappropriately,” Reuters reported.
But hackers can use the medical information to sell on underground markets.
“Medical records paint a really personal picture of somebody’s life and medical procedures,” Kennedy said, Reuters reported. “They allow you to perpetrate really in-depth medical fraud.”
This is hardly the first time a medical insurer’s been hacked.
As WND reported in February, the FBI kicked off an investigation into a large-scale computer cyberattack the left Anthem, Inc., one of the nation’s largeest health insurers, vulnerable.