OLYMPIA — State Insurance Commissioner Mike Kreidler was notified by Premera today, March 17, about a cyberattack affecting more than six million of its Washington customers and assured me they are taking all necessary steps to alert impacted consumers and to protect their confidential information.

“They also committed to take all necessary steps to bolster their security systems against future attacks,” said Kreidler. “I shared my immediate concern that consumers be notified as soon as possible about this data breach and that Premera make all resources available to protect consumers’ personal data.”

Kreidler said he was concerned that while Premera learned of this attack in January, it took approximately six weeks to notify his office.

“I understand that the company was working closely with the FBI and cyberattack experts to clean their system of the infection,” he said. “Premera has assured me that there is no evidence to date that any information was removed from their system or that any data has been used.

The company described the steps it is taking to notify policyholders and to set up credit monitoring for everyone impacted.

Kreidler is closely monitoring the company’s response including:

• Reviewing the notices to consumers about the steps the company is providing to protect their personal data.

• Ensuring the company is taking appropriate steps to protect consumers’ personal data.

• Getting updated progress reports on their communication efforts to affected consumers.

• Examining all steps the company is taking to bolster its security system.

“I urge all consumers who receive notice from Premera Blue Cross or LifeWise about this cyberattack to review it carefully and follow all steps outlined to ensure they’re protected,” Kreidler noted.

Additional information can be found at www.premeraupdate.com.

He said that insurance regulators across the country are on high alert given the recent data breach at Anthem Blue Cross and Blue Shield and are working closely to review what occurred and will be looking further into Anthem’s past practices.

“In light of these recent attacks, I will be requesting that all insurers doing business in Washington state review their own cybersecurity and take appropriate measures to protect their enrollees’ personal data,” Kreidler added.