Chinese hackers behind Premera breach?

Security research firms believe the data breach at health insurer Premera Blue Cross may be connected to the recent Anthem hack in February.

Almost immediately after Anthem — the nation’s second-largest health insurer — announced that the personal date of nearly 80 million of its customers had been compromised by a cyberattack, suspicion fell on state-backed Chinese hackers.


Shortly after Premera revealed 11 million of its customers had their data exposed by a hack, security firm ThreatConnect said it had seen evidence that the digital hit was part of the same Chinese campaign.

The firm’s Anthem investigation revealed the incident was not an isolated attack.

Premera — and possibly other insurers — had also been hit, the firm believes. It’s likely Chinese state-sponsored hackers were trying to infiltrate Premera as far back as December 2013, ThreatConnect said.

Premera said Tuesday it had traced the attack back to May 2014.

The malware used in the Anthem hack — and possibly in the Premera hit as well — can be tied back to entities with Chinese intelligence agency connections and has been used in a prior Beijing-backed hack of a U.S. defense contractor, ThreatConnect said.

Experts believed the Anthem theft was motivated by more than profit. The hackers were thought to be looking for data that could be used to infiltrate the computers of valuable U.S. espionage targets, such as defense contractors and high-ranking officials.