Health insurance providers are increasingly becoming attractive targets for hackers and it is not surprising as the trove of personal information found in health care records can fetch a princely sum in underground markets.
Earlier this week, on Tuesday, Premara Blue Cross disclosed that the personal data of 11 million customers were compromised in a hack that was discovered in January. Last month, Anthem, another health insurance provider, acknowledged that 78.8 million customers and employee records were breached in a stealth attack. While in the Anthem breach, the hackers gained access to names, SSN, birth dates, email addresses, telephone numbers and member ID numbers, in the Premara breach, the hackers could also gain access to medical claim records.
Cyber security experts say they're not surprised that Premara and Anthem became targets of hackers because the information can fetch a high amount in the black market.
"The bad guys are rotating around sectors," said Jeff Schmidt, CEO of IT security firm JAS Global Advisors. "When you get into health care, they're not fundamentally IT shops. They're not as fundamentally equipped as banking and finance to deal with these situations so you're seeing weaknesses being exploited."
"We're probably going to see a lot more of these happening in the coming few months," said Dave Kennedy, the chief executive of TrustedSEC.
Premara breach is especially raising concerns because the hackers may potentially exploit the personal health records and use it to blackmail patients. Or worse still, it can be used for medical insurance fraud, such as purchasing medical equipment for resale at higher price or obtaining expensive medical care for another person, explained Deborah Peel, the executive director of Patient Privacy Rights.
"This really should be a wake-up call," said Peel. "There's almost no way to remedy this; there's no recourse."
Premara, however, said "there's no evidence to date that such data has been used inappropriately."
The security experts also suspect that China could be involved in the attacks, because the attack methods used in both Anthem and Premara breaches suggest the involvement of a hackers group called Deep Panda, which has ties to the Chinese government. "It's relatively safe to say it's the same group," said Ben Johnson, chief security strategist for Bit9+CarbonBlack. However, it is not clear yet why the Chinese government would be interested in collecting health and personal information.
Insurance regulators, however, aren't taking any chances. According to the National Assoication of Insurance Commissioners, regulators in Indiana, California and Maine are investigating the Anthem hack while Washington and Alaska regulators are launching probe into the Premara attack.
Photo credit: Flickr | Johan Viirok
