Premera Blue Cross Data Breach Class Action Lawsuit
Is your business at risk?

Healthcare providers whose data has been breached are now receiving letters from Premera.  Bank account information is included in the breach.

Pfau Cochran Vertetis Amala PLLC

Contact us today

If your office has or has had a business relationship with Premera since 2002, your bank account and other details are at risk.

Your business information was likely hacked and you may have been exposed to the risk of identity theft or theft of business funds.

Pfau Cochran Vertetis Amala PLLC is using the class action lawsuit to seek all available remedies to help protect victims in the future.  Premera’s offer of 2 years of credit monitoring is a start, but it doesn’t go nearly far enough.  One of the things we’ll be seeking in the lawsuit is lifetime credit monitoring for all victims of this data breach.  For businesses, we will fight for actual losses and costs of repairing the threat to your accounts.

11 Million Premera Members Potentially Exposed by Data Breach

Premera is sending letters to healthcare providers informing them of the data breach.

We have reports from health care providers that they, too, are at risk from the hackers who accessed Premera’s systems from May 2014 to January 2015.  Due to the type of relationship most providers have with Premera (financial), the data that was breached is especially worrisome.

If you’ve experienced theft of the sort that you suspect may have been caused by the data breach, we’d like to hear from you.  Please contact us below.

Federal Auditors Warned Premera Blue Cross About Security Before the Breach

Federal Auditors Inspected Premera Blue Cross in January 2014, and we have the Report

PCVA has obtained a copy of the Office of Personnel Management’s report of the audit of Premera’s systems.  It lists 10 “opportunities for improvement” in Premera’s access controls.  Of note to us were the following:

Failure to implement software patches in a timely manner

Failure to promptly install important updates increases the risk that vulnerabilities will not be remediated and sensitive data could be breached.

Noncurrent software

The results of the vulnerability scans indicated that several servers contained noncurrent software applications that were no longer supported by the vendors and have known security vulnerabilities.

…Failure to promptly remove outdated software increases the risk of a successful malicious attack on the information system.

Insecure Operating System Configuration

The results of the vulnerability scans also indicated that several servers contained insecure configurations that could allow hackers or unprivileged users to insert code that would result in privilege escalation. The escalated privileges could grant the hackers unauthorized access to sensitive and proprietary information.

You can download a copy of the full Audit Report by clicking here: Audit of Information Systems General and Application Controls at Premera Blue Cross (7MB PDF)

Anyone who provided information to Premera since 2002 at risk

Premera has stated that the information in its systems dated back to 2002.

This data consisted of information provided by:

  • Premera applicants
  • Premera subscribers
  • Premera Blue Cross Blue Shield of Alaska applicants and subscribers
  • Vivacity applicants, customers, and members
  • Connexion applicants, customers, and members
  • Individuals “doing business” with Premera
  • Members of other Blue Cross Blue Shield plans who sought treatment in Washington or Alaska

If you fall into any of the above categories, your personal information is at risk.  Premera has stated that it has begun sending letters to affected individuals and that those letters should be received by April 20.

Data breach poses a real risk of identity theft

The types of information potentially exposed during the Premera data breach are the virtual keys to your identity.  With this information, hackers can wreak havoc in your life.  Your tax return can be stolen, or subverted by a hacker with your Social Security number and address.  Your bank’s customer service center may authenticate “you” by your address, date of birth, and a few digits of your social security number.  Someone can file for unemployment in your name, causing a big headache for you and your boss.  Of course, there’s the old standby of using your information to open new credit accounts and racking up huge balances that will affect your credit score.


Violation of Numerous Laws and Regulations

Numerous federal laws and regulations require health insurers like Premera to utilize the strictest measures possible to protect the personal information of its applicants and subscribers.  We believe that the data breach in and of itself is a clear violation of these laws and regulations.

Additionally, a recent Seattle Times article revealed that federal auditors warned Premera of its vulnerability to hacking three weeks before the data breach happened.  Two weeks before the breach occurred, those federal auditors gave Premera a list of findings and ten specific recommendations for improving its cybersecurity.  Premera, however, did not respond to these findings and recommendations until June 30, 2014, almost two months after the breach.  And Premera did not even discover the breach until January 29 of this year.

Simply put, Premera knew this attack might happen and what it could do to better secure its systems.  However, it failed to implement those measures promptly and allowed hackers to access its systems for up to eight months.  Under these straightforward facts, we believe Premera may be liable to you for any unauthorized access or use of your personal information.  That is why we have filed a class action lawsuit on your behalf.

Premera Data Breach in the News

Why choose Pfau Cochran Vertetis Amala PLLC?

Class Action Lawyers with a Proven Record

Our law firm has litigated against huge corporations in the health care industry and brought complex class action lawsuits on behalf of thousands of wronged individuals.  Most importantly, our law firm has a proven track record of highly successful results in these class action lawsuits, such as securing a payment of $85,000,000 – one of the largest jury verdicts ever against the State of Washington – to thousands of in-home care providers cheated out of wages by the State and a $7,500,000 payment to thousands of victims of fraudulent medical bill collections.

Whether this class action goes to trial or settles, we know how take on the health care industry, and we know how to win.  And, with our law firm’s cutting-edge technology, we are available to you 24/7.

If you believe your personal and medical information has been exposed or your identity stolen as a result of the Premera hack, contact us for a free, confidential consultation at 1-800-349-PCVA (7282) or filling out the contact form below.


If you believe you are affected, or if you’ve gotten a letter from Premera explaining that your data was part of the breach, we’d like to fight for you.