Premera Data Breach Victim Facing False Tax Return Joins Premera Class Action

Tacoma, WAIt’s one thing to have your personal information and data hacked with the potential for it to fall into the wrong hands. But when that person who is amongst the millions of Americans whose personal data was compromised works in the healthcare field, it introduces an entirely new set of potential problems and frustrations. Such is the case with the Premera data breach.

And Maria Sullivan is one such person.

According to a news report from KING 5 News, Maria Sullivan works as an account rep at a hospital in Tacoma, Washington. Her fears about private, sensitive personal information and data falling into the wrong hands and used for ill-gotten gains have come to pass, after someone filed a false tax return in her name.

“Stressed! Stressed!” she told KING 5.

She showed a television reporter a collection of items that had been shipped to her home via mail - items from companies about whom she has no knowledge, and items that were not ordered by her.

She is angered by the Premera data breach.

“That’s very angering,” said Ms. Sullivan. “Working like I do in the healthcare field I have to be so careful with what I even leave on my desk. That every paper is turned over. So [Premera] should be that careful.”

The Premera Blue Cross data breach is just one of the latest hacks to have occurred in recent years. Other data breaches have affected major corporations such as Home Depot and Target. Even the US Federal Office of Personnel Management (OPM) was recently hacked. It appears as if illegal hackers are not only keeping up with the latest security patches, they’re keeping one step ahead of the game - making the process of data security the highest of priorities.

That said, Premera is alleged to have been warned some weeks before the May 2014 hack that its systems were not properly protected. According to court documents, Premera was approached by auditors from the OPM (itself the victim of a cyber attack) and warned that network security patches designed to ward against data breaches had not been implemented in a timely manner.

What’s more, access control protocols typically observed at similar facilities were not being observed by Premera, or so it has been alleged.

Three weeks after the warning, in May 2014, Premera was hacked. The data breach did not come to light until January of this year, some eight months later.

Over the interim, whoever was responsible for the Premera data breach has had ample opportunity to share - likely for profit - names, addresses, Social Security numbers and other sensitive data with others. Someone, using Sullivan’s name and data, had the time to file a false tax return for 2014.

According to KING 5 in Seattle, Premera kept mum about the security breach for two months and only went public with the breach once the problems linked to the cause of the breach had been taken care of. Premera offered its clients two years of free credit monitoring in an apparent effort to compensate victims and ease their fears. However, according to one security expert contacted by KING 5, the two-year offer of credit monitoring is likely insufficient given the depth and breadth of the personal information exposed.

“Your information isn’t just magically not going to be stolen,” said Brian Seely, a cybersecurity expert, in comments to KING 5. “It’s always going to be stolen and out there and someone has it, who is going to be even more irresponsible than Premera.”

Sullivan has signed on to one of five class-action lawsuits against Premera Blue Cross, which is the largest insurer in the state of Washington.