CareFirst BlueCross BlueShield Statement Regarding Premera Cyberattack

Baltimore, MD (April 03, 2015) - In March, CareFirst BlueCross BlueShield (CareFirst) was made aware by Premera Blue Cross (Premera) that Premera had been the target of a cyberattack. Premera discovered that cyberattackers had executed a sophisticated attack to gain unauthorized access to its information technology systems. As part of its investigation, Premera notified the FBI and is coordinating with the Bureau’s investigation into the attack. Information accessed through the attack includes information for current and former members of Premera’s associated health plans, as well as information from consumers covered by other independent Blue Cross Blue Shield plans working with Premera – including CareFirst – who live or sought medical treatment in Premera’s State of Washington and Alaska service area.

Since the initial notification, CareFirst has been working with Premera to review and verify the number of current and former CareFirst members potentially affected, as well as the type of member information accessed through the attack. When we know more regarding the number of CareFirst members affected and the specific types of information potentially at risk, CareFirst will share that information. The investigation has determined that the attackers may have gained unauthorized access to information including name, address, date of birth, Social Security Numbers (SSNs), member identification numbers, claims information and clinical information.

Premera will begin sending letters to all affected individuals (including CareFirst members) in the near future. Premera has indicated that there is no evidence to date that the data has been used inappropriately.

Premera is providing two years of free credit monitoring and identity theft protection services through Experian to affected individuals. Premera has established a dedicated call center for affected individuals to contact. The information involved dates back to 2002 and individuals who believe they are affected by this incident but who have not received a letter by April 20, 2015, are encouraged to call 1-800-768-5817, Monday through Friday, between 5:00 a.m. and 8:00 p.m. Pacific Time (closed on U.S. observed holidays). Additional information about Premera’s response to this cyberattack can be found at Premera's site.