It has been three weeks since the news that current and former members insured by Hawai’i Medical Services Association (HMSA) may have become victims of a cyber attack on a mainland health care provider, Anthem. In a letter emailed today from HMSA CEO Michael Gold, more information has been revealed as have suggested tips to protect whatever personal information may have been at risk.
In today’s emailed update, Gold has added new details that may mean even more HMSA clients may be at risk after another cyber attack on a Washington State business, Premera. Here is Mr. Gold’s Letter:
Dear HMSA member,
We’ve learned from Premera Blue Cross in Washington state that some current and former HMSA members have been affected by the recent cyber attack on Premera’s database. No information was stolen from HMSA and our systems weren’t involved.
These are members living in Hawaii and other places who received medical or hospital services in Washington state or Alaska anytime since 2002. Or a member’s doctor ordered labs or medical equipment on their behalf from the Mainland since 2002.
I’m very concerned about this situation and have told our team to work carefully but quickly to validate the number of affected current and former HMSA members and determine their names and what personal information was accessed. We’ll mail affected members a notification letter as soon as our information is validated. Premera will send its own notification letter after ours.
Premera has said hackers may have accessed personal information such as member names, dates of birth, email and mailing addresses, telephone numbers, Social Security numbers, member identification numbers, bank account information, and claims information, including clinical information in Premera’s systems from up to 11 million individuals, providers, and businesses going back to 2002.
I’d like you to know that as a practice, we don’t share our members’ Social Security numbers, email or street addresses, telephone numbers, medical or financial information, or other personal information.
Protecting your information is a top priority and we’re doing everything we can to stay ahead of threats to member privacy:
- We have a sophisticated, multi-tiered security system and all HMSA employees are trained on how to safeguard member information.
- We always encrypt member information when it’s transmitted electronically and we continuously scan and monitor our databases for suspicious activity.
- We regularly evaluate our security policies and in light of recent events, we’re working with leading experts to add additional safeguards that protect member information. And we regularly review the security of our partners and vendors to be vigilant for you.
Free identity protection and credit monitoring
Premera is offering two years of free identity protection and credit monitoring services to anyone who’s concerned they could be affected. You can sign up today at premeraupdate.com. You don’t have to wait for our notification letter or Premera’s. If you think you could be affected, I encourage you to enroll in these services for peace of mind. In addition, Premera has a hotline with more resources: 1 (800) 768-5817 toll-free. It’s open Monday to Friday, 2 a.m. to 5 p.m. Hawaii time. Premera won’t email you or make unsolicited phone calls to you regarding this incident. Please be on the alert if you are contacted and asked to provide personal information by anyone saying they’re from Premera.
HMSA phone line
I know this can be a frustrating situation. To best serve you and answer your questions, we’ve set up a dedicated Premera phone line: (808) 948-6406 on Oahu or 1 (800) 459-3963 toll-free on the Neighbor Islands or the Mainland. The phone line is open Monday to Friday, 8 a.m. to 5 p.m. Hawaii time and Saturdays from 8 a.m. to 2 p.m., also Hawaii time.
This is a quickly changing situation and I’ll be sure to keep you updated as we receive new information.
Michael A. Gold
President and Chief Executive Officer