Premera Blue Cross of Mountlake Terrace. (Contributed photo)

Premera Blue Cross of Mountlake Terrace. (Contributed photo)

Premera Blue Cross agrees to $10M data-breach settlement

Information about 10 million customers of the Mountlake Terrace company was vulnerable during an intrusion.

MOUNTLAKE TERRACE — Premera Blue Cross, one of the Pacific Northwest’s largest health insurers, has agreed to pay $10 million for a 2014 data breach that affected some 10 million people nationwide, including more than 6 million Washington residents.

Washington Attorney General Bob Ferguson led an investigation into the health insurer’s security practices and was joined in a legal action by a coalition of 29 state attorneys general.

In a consent decree filed Thursday in Snohomish County Superior Court, the Mountlake Terrace-based health insurance company agreed to pay $10.4 million to state attorneys general in 30 states, including Washington.

Premera agreed to the settlement without admitting fault.

The consent decree satisfies a complaint filed Thursday in Snohomish County Superior Court in which the state attorney general alleged that Premera violated state and federal consumer and health protection regulations by failing to “reasonably safeguard personal health information from any intentional or unintentional use.”

A spokeswoman for Premera Dani Chung said in an email that the agreement is consistent with the company’s “ongoing focus on protecting personal customer information.”

“Premera takes the security of its data and the personal information of its customers seriously and has worked closely with state attorneys general, regulators and their information security experts, since the attack was made public in 2015,” Chung said.

Said Chung,”It is important to note that independent investigators have made no determination that any customer information was removed from Premera’s systems.”

The health insurer will pay $5.4 million to Washington state. The money will be used to uphold enforcement of state data security and privacy laws.

The remainder of nearly $4.6 million will be distributed among a coalition of states, including Alabama, Alaska, California, Connecticut, Nebraska, Oklahoma, Oregon, Rhode Island, Utah and Vermont.

The agreement also requires Premera to beef up data security, hire a chief information security officer and provide annual security reports to the state attorney general’s office.

The data breach potentially put 10.4 million people at risk for identity theft, and bank account and credit fraud, authorities said.

In March 2015, Premera told authorities that an unknown user had “gained unauthorized access to its networks,” the news release said.

From May 5, 2014, until March 6, 2015, the attorney general said, a hacker had unauthorized access to the Premera network, including private health information, Social Security numbers, bank account information, names, addresses, phone numbers, dates of birth, member identification numbers and email addresses, Ferguson said in a news release.

“Premera had an obligation to safeguard the privacy of millions of Washingtonians — and failed,” Ferguson said Thursday.

The $10 million payment is separate from a proposed class settlement, which was filed in federal court in Oregon but has not been finalized by the court. Premera recently agreed to pay $74 million to settle the class action.

That proposed class action settlement is intended to provide compensation to affected individuals.

Consumers affected by Premera’s data breach should expect to receive information about restitution after the settlement is approved by the court.

More information about the class action is available here.

Talk to us

More in Herald Business Journal

Boeing cutting more than 12,000 jobs with layoffs, buyouts

The company said it will lay off 6,770 workers this week, and another 5,520 are taking buyouts.

Alderwood mall is ready for the governor’s green light

The Lynnwood shopping center, closed since March 24, could reopen in June. But expect changes.

Snohomish County seeks to enter second phase of reopening

The variance request will go to the state if approved by the Board of Health and the County Council.

Firm accused of violating eviction ban agrees to restitution

About 1,450 tenants, including some in Marysville, will receive rent refunds or direct payments.

Boeing workers cope with the virus threat as layoffs loom

Five weeks after they returned to work, Boeing workers say measures inside the plants are mostly working.

Texan comes to defend Snohomish outlaw barber cutting hair

Bob Martin is defying orders to close. The man he calls his attorney didn’t go to law school.

Hundreds of masked guests line up as Tulalip casinos reopen

Tulalip Resort Casino and Quil Ceda Creek opened the doors on Tuesday after a two-month closure.

Worst jobless rate in the state: Snohomish County at 20.2%

In April, 91,383 were unemployed in the county. The aerospace sector was hit especially hard.

Small business relief effort inundated with 850 applications

The economy in and around Everett has struggled amid fallen revenues and uncertainty about the future.

Most Read