Are you an Anthem customer? Your info may have been stolen
Anthem, the 2nd largest healthcare insurer in the U.S. “was the target of a very sophisticated external cyber attack,” president and CEO said in a statement. As a result, up to 80 million customers have had their account information stolen. The attackers broke into the company’s computer system and gained unauthorized access to names, birthdays, medical IDs, Social Security numbers, street addresses, e-mail addresses and employment information, including income data. However, no credit card info was acquired, Anthem told USA Today. CEO of computer security firm vArmour in Mountain View, California Tim Eades believes the hackers were not interested in the customers’ medical information, and since none was seemingly stolen, the hack would not fall under the 1996 Health Insurance Portability and Accountability Act that governs confidentiality and security of medical information.
“The personally identifiable information they got is a lot more valuable than the fact that I stubbed my toe yesterday and broke it,” Eades said. The hacked database contained records for about 80 million current and former Anthem customers, making it “the largest health care breach to date,” according to computer security company Mandiant spokesman Vitor DeSouza. Anthem “retained Mandiant, one of the world’s leading cybersecurity firms, to evaluate our systems and identify solutions based on the evolving landscape”. The insurance company is also cooperating with the FBI, which is “aware of the Anthem intrusion and is investigating the matter,” Bureau spokesman Joshua Campbell said. The breach was discovered on the last week of January, and the company’s initial response was “notifying the FBI after observing suspicious network activity is a model for other companies and organizations facing similar circumstances. Speed matters when notifying law enforcement of an intrusion, as cyber criminals can quickly destroy critical evidence needed to identify those responsible.”
According to Anthem’s statement, the company “will individually notify current and former members whose information has been accessed. We will provide credit monitoring and identity protection services free of charge so that those who have been affected can have peace of mind.” Additionally, Anthem has set up a website and a toll-free number (1-877-263-7995) for past and present customers to learn more about the breach, which has affected the company’s brass as well. “Anthem's own associates' personal information -- including my own -- was accessed during this security breach. We join in your concern and frustration and I assure you that we are working around the clock to do everything we can to further secure your data,” Swedish said.