Unfortunately, the days of massive health care data breaches are far from over.
Premera Blue Cross has revealed that hackers breached its insurance customer data starting in May 2014, potentially exposing both the financial and medical records of 11 million people — the largest such attack to date. There’s no evidence yet that the data has been “used inappropriately,” the company says, and it notes that both the FBI and security firm FireEye are already on the case.
While the practical damage appears to be limited so far, the hack is a reminder of why there’s a push for federal data protection laws. Premera didn’t learn of the breach until late January, but it took 47 days to tell clients. That’s a long time to leave people unaware that their most sensitive information is vulnerable. In theory, national rules would speed up these kinds of disclosures and give you a better chance at preventing (or at least, spotting) fraud.