Bookmark and Share

PREMERA BLUE CROSS

SECURITY BREACH FACT SHEET

On March 17, 2015 Premera Blue Cross / Blue Shield reported a security breach that may have resulted in the loss of sensitive personal information of their current and former clients. Among those affected are current and former Alaska state employees. To answer common questions related to this incident the Division of Retirement and Benefits is providing the following information.

Who is affected by the breach?

The information involved in this incident dates back to 2002. Premera served as the third party claims administrator for the AlaskaCare Employee and Retiree Health Plans between July 1, 2006 and June 30, 2009.  If you are affected by this breach, you will receive a letter from Premera with more detailed information regarding free credit monitoring and identity theft protection services being offered by Premera to affected individuals.

What information was lost?

The lost information could include members' name, date of birth, Social Security number, mailing address, email address, telephone number, member identification number, bank account information, and claims information, including clinical information.

What should I do now?

You will receive a notice in the next few weeks that describes the protections Premera has agreed to provide to affected individuals.  This will include free credit monitoring and identity theft protection. Details about what these protections entail and how you can sign up for them will be explained in the notice. Details regarding these protections may also be found at: premeraupdate.com, or at our credit monitoring FAQ. Individuals who believe they are affected by this cyberattack but who have not received a letter by April 20, 2015, are encouraged to visit the website or call 1-800-768-5817, Monday through Friday, between 5:00 a.m. and 8:00 p.m. Pacific Time (closed on U.S. observed holidays).

In the meantime, there are other steps you can take to protect yourself against identity theft:

  1. You can place a fraud alert on your credit report, even if you have credit monitoring in place. You can contact the three main credit reporting agencies below to place a fraud alert:
    Equifax1-888-766-0008www.equifax.com
    Experian1-888-397-3742www.experian.com
    TransUnion1-800-680-7289www.transunion.com
    A fraud alert will not prevent access to your credit report, but it will alert the reporting agency, and businesses checking on your credit, that your information has been compromised.  If you have already placed a security freeze on your credit report, a fraud alert is not necessary.
  2. Get a copy of your credit report and review it for suspicious activity.  Under federal law, you are entitled to a free copy of your credit report from each of the three credit bureaus every year.  To get your free copy, contact each of the credit agencies listed above, or go to www.annualcreditreport.com.  Look for any accounts you do not recognize, and cancel them immediately.
  3. Account monitoring.  Check your monthly account statements carefully for suspicious charges, and notify your financial institution of all charges you do not recognize.  Close any accounts that you think have been compromised.
  4. Consumer Education.  There are several consumer resources available that provide valuable information on identity theft, and how to avoid becoming a victim.  The Federal Trade Commission maintains a website that contains a wealth of information on identity theft at www.ftc.gov/idtheft.

Has my information been misused?

The investigation has not determined that any such data was removed from Premera's systems.  Premera also has no evidence to date that such data has been used inappropriately.

Does Premera still have my information?

Yes. Premera must be able to provide copies of your medical records as allowed by the Health Insurance Portability and Accountability Act (HIPAA) and Department of Health and Human Services regulations. See 45 C.F.R. § 164.524(b) and Alaska Stat. § 18.20.085(a).

Is my retirement affected?

No.

What are some of the things someone can do with my personal information?

Identity theft occurs in many forms.  Here are some of the common ways identity thieves can misuse your information:

  • New account fraud: This happens when an identity thief uses your personal information to open up new accounts in your name, but will use a different address. Thus, you may not discover the new account for some time.
  • Existing account fraud: This occurs when an imposter uses your current account information to commit fraud. You can learn of this kind of fraud by reviewing your monthly account statements.
  • Debit or check card fraud: This occurs when a thief uses your debit or check card to remove money from your bank account. This is sometimes prevented if your accounts can only be accessed with a PIN, but there are ways to avoid this by making "off line" transactions.

  • Social Security number fraud: This happens when an imposter uses your SSN to gain employment, for tax reporting purposes, or other illegal transactions.
  • Criminal Identity Theft: This occurs when a criminal gives another person's name and personal information during an arrest. If the imposter then fails to appear in court, an arrest warrant can be issued with your name on it!

You can get information about these kinds of identity theft from several online resources, including the FTC's web site, www.ftc.gov/idtheft.

What happens if I become a victim of identity theft?

Premera is providing two years of free credit monitory and identity theft protection services through Experian to affected individuals.  To get this protection, you will need to sign up for credit monitoring and identity theft protection. More details about how to do this will be explained in the notice you will receive in a few weeks from Premera. Individuals who believe they are affected by this incident but who have not received a letter by April 20, 2015, are encouraged to call 1-800-768-5817.

More information?

Further information and alerts about this breach will be posted on the Division of Retirement and Benefits home page, the Alaska.gov home page, and the Division of Insurance home page.