Premera Blue Cross

By Carrie Graham, Chris Hayden, Matt Sharrah, Saw Oo, King Ng

What happened? Security breach at a large American health

insurance company Captured current and past customer

information Clinical information, along with banking

account numbers, Social Security numbers, birth dates and more

It is the largest breach reported to date involving patient medical information

How? The FBI is still investigating the attack to

determine how it happened Similar hacks from that time employed a

phishing technique (e.g.) prennera.com vs premera.com

When did it happen? Attack Initially Happened: May 5th, 2014 Discovered: January 29, 2015 Announced to public: March 17, 2015

Who Was Involved?

11 million customers of Premera Blue Cross who had their information compromised

Affiliate brands Vivacity and Connexion, as well as any other companies Premera does business with

Federal Bureau of Investigation Cyber security firm Mandiant Hacker(s) unknown

Why attack Premera? Data stolen from health insurers and hospitals typically

fetch at least 10 times more than credit-card numbers on the black market

If APT, information could be used to blackmail government employees

What was the impact and risks?

Up to 11 million individuals had their information compromised

As many as 80 million records were accessed, information dating back to up to 2002

Premera said they planned to offer two years of free credit monitoring and identity theft protection services to affected members

Risk: Loss of reputation drives customers away Risk: Hackers leak any of the stolen

information or sell it for profit

What is the loss exposure? Health care data more valuable than credit card

information on black market Health care companies are huge providers with

government workers Use blackmail later

Reputation damage & possible market share loss Hackers may use data for identity theft, insurance

fraud, and to obtain prescription drugs 5 class-action lawsuits

What did the company do to remediate the situation?

Offered two years of free credit monitoring Mailed data breach notification letters to the 11

million people Forced by state laws to send the letters

Hired cybersecurity firm Mandiant as a consultant to investigate the hack

Recommendations Strengthen information security awareness program Improve vulnerability management (especially network

hosted) and intrusion detection tools

Work Cited Pagliery, Jose. "Premera Health Insurance Hack Hits 11 Million

People."CNNMoney. Cable News Network, 2015. Web. 25 Sept. 2015. Shahani, Aarti. "Premera Blue Cross Cyberattack Exposed Millions Of

Customer Records." NPR. NPR, 18 Mar. 2015. Web. 25 Sept. 2015. Vijayan, Jaikumar. "Premera Hack: What Criminals Can Do with Your

Healthcare Data." The Christian Science Monitor. The Christian Science Monitor, 20 Mar. 2015. Web. 25 Sept. 2015.

Chen, Kelly. "Premera Blue Cross Hacked, Medical Information Of 11 Million Customers Exposed." The Huffington Post. TheHuffingtonPost.com, 17 Mar. 2015. Web. 25 Sept. 2015.

"Premera Has Been the Target of a Sophisticated Cyberattack." Premera Update. N.p., n.d. Web. 25 Sept. 2015.

Kirk, Jeremy. "Premera, Anthem Data Breaches Linked by Similar Hacking Tactics." CSO Online. CSO Media, Inc, 18 Mar. 2015. Web. 25 Sept. 2015.

Thank you! Questions?