Update on Premera and Anthem Data Breaches

March 19, 2015

This week, Premera Blue Cross, one of 37 independent licensees of the national Blue Cross and Blue Shield Association, confirmed a cyberattack on its data systems. Premera operates in the Pacific Northwest and provides healthcare coverage in Alaska and Washington.  

To be clear, this data breach did not occur at Blue Cross and Blue Shield of Louisiana (BCBSLA) and did not affect our data storage systems. BCBSLA and Premera are separate and independent plans with unconnected data management and storage systems.

Premera representatives say that while their customers’ stored personal identifying information was possibly exposed in the cyber attack, there is no evidence at this time that hackers have put the information to use. Premera discovered the cyberattack recently, but its representatives believe it took place last spring, and that hackers accessed data stored in their systems dating back to 2002. Premera is working with the FBI and other appropriate law enforcement agencies to find out how the cyberattack happened.

At this time, Premera representatives believe there are 11 million people in the country affected, including more than 4 million people who are part of other Blue Cross plans. Premera is offering two free years of credit monitoring and identity theft protection services to those affected. Anyone concerned about the cyberattack can call 1-800-768-5817 or visit www.premeraupdate.com for more information or to enroll in the protection services.

A system of independent, community-based and locally operated companies is the optimal way for Americans to obtain their healthcare coverage. And, to make sure our members can get care when they are away from home and need it, Blue Cross and Blue Shield of Louisiana and HMO Louisiana, Inc. work with Premera and Blue Cross plans around the country to offer care in other states through the local Blue plan.

Because of this, a small number of our customers may be affected by Premera’s cyberattack, if they received care, resulting in a claim being filed, in one of the states that Premera covers. For example, if a customer was on vacation or traveling for work to one of these states and got medical treatment there, that customer could have a claim and stored data in Premera’s system. Premera is notifying state regulators now about the cyberattack and data breach, and is working with BCBSLA and other Blue plans to find out how many of their members were affected.

Any of our customers who got medical treatment in one of the states Premera covers during or after 2002 and is concerned should visit www.premeraupdate.com or call 1-800-768-5817 for more information about the cyberattack and whether they might be affected.

Last month, Anthem, Inc. announced a breach of its data that affected about 26,000 BCBSLA customers. These were people who got medical care in one of the 14 states that Anthem covers and had data in their systems when the breach happened.

Although BCBSLA, Anthem and Premera are all part of the national Blue Cross and Blue Shield Association, they are independent, locally managed plans, and their data systems are not connected. 

Blue Cross and Blue Shield of Louisiana takes extensive steps to protect our customers’ personal and health information.  With the recent media reports of cyber security events, we have stepped up our efforts and are implementing more aggressive measures to do what we can to prevent data breaches from occurring here.  With the sophistication of today's cyberattacks, detecting and stopping them is a never-ending undertaking that we evaluate and update continuously. We will continue to use inside and outside experts and industry best practices and tools to ensure we have the appropriate security for our members.