US healthcare provider Premera Blue Cross disclosed it was victim of a cyberattack that exposed details of around 11 million customers, according to an official statement.
Attackers gained access to a vast volume of customer data in a breach in May of last year, including clinical information, bank account numbers, Social Security numbers and birth dates.
About 6 million of those affected are residents of Washington DC. Other victims include employees of Amazon.com Inc (AMZN.O), Microsoft Corp (MSFT.O) and Starbucks Corp (SBUX.O), according to Reuters.
The insurer said it found no evidence that the stolen data was “used inappropriately.” â€œThe investigation has not determined that any such data was removed from our systems,â€ Premera said.
This incident affected Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska, and affiliate brands Vivacity and Connexion Insurance Solutions, Inc. as well as business partners who gave their data to the company.
The news comes weeks after another health insurance company, Anthem, revealed the leak of personal information of as many as 80 million people who are now targeted by phishers. In 2014, medical fraud allegedly caused losses worth $272 billion across the entire US healthcare system.
Why is medical information so valuable?
Medical fraud is a rising threat as patientsâ€™ identities carry information that can be even more valuable than credit card data,â€ said Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender. â€œMost commonly, cyber-crime actors use the private data in schemes to obtain money for services and goods they donâ€™t actually provide, such as charging for non-existent visits to give insulin injections or over-billing for others.â€