(Bloomberg) — Insurance regulators in states including Washington and Alaska are launching an investigation into the cyberattack on health insurer Premera Blue Cross.
State watchdogs will look into “what happened, how it happened, and what the end result or consumer impact is,” Lori Wing-Heier, director of Alaska’s Division of Insurance, said Friday.
The regulators will examine whether there’s a connection between the attack on Premera and a cyberattack on Anthem Inc. That company, the second-largest U.S. health insurer, said last month that hackers accessed information on 78.8 million people.
Premera said this week that data such as names, bank accounts and medical information on 11 million people may have been exposed. The Mountlake Terrace, Wash.-based insurer discovered the breach on Jan. 29 and is sending letters to customers who were affected. The company said the breach began on May 5, almost nine months before it was discovered.
Regulators will look into the amount of time it took Premera to identify the attack and notify customers, Wing-Heier said by phone from Juneau.
The attack on Premera was the latest in a series of high-profile breaches at health-care firms. Hospital chain Community Health Systems Inc. had information on 4.5 million patients taken last year.
Premera has more than 1.8 million customers, and the attack affected records dating back to 2002. Information was also compromised from Premera’s Vivacity and Connexion Insurance Solutions brands.
Regulators in states including Indiana, California and Maine are investigating Indianapolis-based Anthem’s breach, according to a statement from the National Association of Insurance Commissioners (NAIC).
See also: Scary benefits stories