The Washington State Office of the Attorney General disclosed a data breach affecting Premera Blue Cross on March 5, 2023, stemming from unauthorized access via Fortra LLC’s GoAnywhere MFT service. The breach, initiated on January 28, 2023, compromised the personal data of 36,211 Washington residents and a total of 173,989 members. Exposed information included names, member IDs, dates of birth, gender, and email addresses, though Social Security numbers and financial details remained uncompromised. The incident highlights vulnerabilities in third-party file transfer services, raising concerns over the protection of sensitive healthcare-related data. While no financial or highly sensitive identifiers (e.g., SSNs) were leaked, the exposure of personal identifiers poses risks of identity theft, phishing, or targeted scams for affected individuals. Premera Blue Cross, a major health insurance provider, has previously faced breaches, underscoring persistent cybersecurity challenges in the healthcare sector. The breach did not involve ransomware or direct financial harm but emphasized gaps in securing third-party vendor systems.
TPRM report: https://www.rankiteo.com/company/premera-blue-cross
"id": "pre033090625",
"linkid": "premera-blue-cross",
"type": "Breach",
"date": "1/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '173,989 (total); 36,211 '
'(Washington residents)',
'industry': 'Healthcare',
'location': 'Washington, USA',
'name': 'Premera Blue Cross',
'type': 'Health Insurance Provider'},
{'industry': 'Technology',
'name': 'Fortra LLC',
'type': 'Software Vendor'}],
'attack_vector': 'Exploitation of third-party software vulnerability (Fortra '
'GoAnywhere MFT)',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '173,989',
'personally_identifiable_information': ['names',
'member IDs',
'dates of birth',
'gender',
'emails'],
'sensitivity_of_data': 'Moderate (no SSNs or financial data)',
'type_of_data_compromised': ['Personal Identifiable '
'Information (PII)']},
'date_detected': '2023-01-28',
'date_publicly_disclosed': '2023-03-05',
'description': 'The Washington State Office of the Attorney General reported '
'a data breach involving Premera Blue Cross on March 5, 2023. '
'The breach, which began on January 28, 2023, involved '
"unauthorized access to data through Fortra LLC's GoAnywhere "
'MFT service, affecting 36,211 Washington residents and a '
'total of 173,989 members. The compromised information '
'included names, member IDs, dates of birth, gender, and '
'emails, but did not include Social Security numbers or '
'financial information.',
'impact': {'brand_reputation_impact': 'Potential reputational damage (not '
'quantified)',
'data_compromised': ['names',
'member IDs',
'dates of birth',
'gender',
'emails'],
'identity_theft_risk': 'Low (no SSNs or financial data exposed)',
'payment_information_risk': 'None',
'systems_affected': ['Fortra GoAnywhere MFT']},
'initial_access_broker': {'entry_point': 'Fortra GoAnywhere MFT '
'vulnerability'},
'references': [{'date_accessed': '2023-03-05',
'source': 'Washington State Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Washington State '
'Attorney General'},
'response': {'communication_strategy': 'Public disclosure via Washington '
'State Attorney General'},
'title': 'Premera Blue Cross Data Breach via GoAnywhere MFT',
'type': 'Data Breach',
'vulnerability_exploited': 'GoAnywhere MFT (specific CVE not mentioned)'}