Just last month, major health insurance company Anthem announced that as many as 80 million customers may have had medical and personal records exposed in a sophisticated cyberattack. Now, the second-biggest attack in the industry has hit, with the Pacific Northwest’s Premera Blue Cross disclosing that up to 11 million customers may be involved in the data breach.
Healthcare organizations are likely taking a closer look at their security measures following these two huge attacks. But have they decided to get serious too late?
An investigation into Premera’s attack revealed the initial digital break-in occurred in May 2014, but only discovered in late January 2015. That means attackers could have had access to Premera’s records and systems for eight months before anyone noticed a problem.
With that in mind, the question becomes: What other companies have already been hacked, but just don’t know it yet? Is it possible your information has already been exposed? If that’s the case, cyber thieves may be using that data for medical identity theft, and it could be months before the companies responsible even discover the data has been breached.
The latest breach affects customers of Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and affiliate brands Vivacity and Connexion Insurance Solutions. Attackers may have obtained access to customers’ social security numbers, bank account information, contact data and claims information, Premera noted.
Although there haven’t been any reports of customers suffering from medical identity theft as a result of the attack, the company’s CEO said in a statement that Premera will be quick to provide identity theft protection services to all affected customers.
As the Anthem and Premera attacks have demonstrated, healthcare organizations have become a major hacking target. Last August, the FBI warned companies in the healthcare industry that cyber terrorists are increasingly trying to steal medical-related intellectual property and patient records.
The percentage of cyberattacks focusing on medical systems has doubled in the last five years, which is why we’ve been sharing our apprehension about medical ID thefts — and why we’ll continue to sound the alarm.
Even with healthcare organizations in every industry working to implement more security measures, it’s simply impossible to know what’s already been exposed, and how attackers might be using that information.
Because of that, it’s more important than ever for consumers to protect themselves. Even if you’re not a victim of the Anthem or Premera breaches, your personal data is still stored in health insurance and medical records, both of which may be at risk. So it’s crucial to stay vigilant and check over every bill and statement, regularly scan your credit report, and be suspicious of unsolicited emails and web links.
Putting identity theft monitoring into place can help, too. IdentityForce works to keep your credit and personal information secure, and we notify you as soon as we detect any kind of issues. With our identity and credit monitoring services, you don’t even have to wait for notification from a company like Premera to find out if you’re safe. What’s more, IdentityForce is the only identity theft protection company that provides three layers of medical identity theft protection at no extra cost; we’ll always let you know if there’s a cause for concern, no matter what breaches may occur in the future.
Image courtesy of Flickr user Connor Tarter.