HMSA members alerted to theft of Premera data

Select an option below to continue reading this premium story.

Already a Honolulu Star-Advertiser subscriber? Log in now to continue reading.

Get unlimited access

From as low as $12.95 /mo.

Subscribe Now

As many as 32,300 current and former Hawaii Medical Service Association members and providers may have had their personal data stolen over the past two months via the Blue Cross and Blue Shield network of health plans.

HMSA, the state’s largest medical insurer and an independent licensee of the Blue Cross and Blue Shield Association, said late Monday information for an estimated 14,000 former and current members may have been hacked in a cyberattack against Premera Blue Cross in Washington state. Cyberthieves may have also accessed the Social Security numbers of another 300 HMSA providers who cared for a Premera member at some point since 2002, the insurer said.

In February HMSA said an estimated 18,000 current and former members had their personal data hacked during a cyberattack on Anthem Inc., a Blue Cross and Blue Shield plan that serves residents in 14 states.

In the most recent case, HMSA said the members affected may have seen a doctor, visited a hospital or had medical services in Washington or Alaska since 2002 or had lab tests or medical equipment ordered on their behalf from the mainland.

Information stolen might include names, birth dates, email and mailing addresses, telephone numbers, Social Security numbers, HMSA membership numbers, bank and claims data, including private health information.

"However, we think it’s highly unlikely that our members’ Social Security number, email, telephone number or financial information was accessed," Mike Gold, HMSA president and chief executive officer, said in a letter to members posted on HMSA’s website Monday. "As a practice, we do not share that information about our members. No data was stolen from HMSA and our systems weren’t involved in the attack."

Don't miss out on what's happening!

Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

HMSA said affected members will receive a letter this week with information on free services Premera is offering, including identity theft protection and credit monitoring. Members can enroll in these services online at premeraupdate.com.

Premera, based in Mountlake Terrace, Wash., has operations in Seattle and Spokane as well as Anchorage, Alaska. The company, one of the largest health plans in the Pacific Northwest serving 1.8 million people, discovered in January that cyberattackers had infiltrated its computer systems affecting Premera Blue Cross, Premera Blue Cross Blue Shield of Alaska and affiliated brands Vivacity and Connexion Insurance Solutions Inc. as well as members of other Blue Cross Blue Shield plans who sought treatment in Washington or Alaska.

"In light of the Premera and Anthem hacks, we’re taking an even harder look at HMSA’s security controls," Gold added. "We’re enhancing our layers of security and have extended monitoring of our systems. I’m truly sorry that the Premera cyber attack may have affected our community."

For more information, call HMSA at 948-6404 on Oahu or 800-459-3963 on the neighbor islands or the mainland. Phone lines are open Monday to Friday, 8 a.m. to 5 p.m.