Anthem offering identity theft protection after recent cyber attack
Anthem is offering identity repair assistance and credit monitoring services to former members enrolled in 2004 or later in response to the recent data breach.
Members may receive an email regarding these services from Anthem beginning the week of Feb. 16. They will also receive a letter from Anthem in the coming weeks, but do not need to wait for the letter to begin using the services.
As many of you have heard in the news, Anthem, Inc. disclosed on Feb. 5, 2015 that the health insurer was the target of a very sophisticated external cyber attack and that data for its 80 million members was accessed. This potentially includes information about UC students, faculty, staff and retirees, as well as their dependents.
In addition, on Feb. 6, Anthem notified UC of a phishing scam related to the cyber attack. The phishing scam, which uses Anthem’s logo [PDF], includes an offer to sign up for a year of credit card protection. If you receive this or a similar email, do not respond to or click on any links.
From 2003 until Jan. 1, 2014, also Anthem provided health insurance to UC employees and retirees and their dependents. The UC Anthem plans included Anthem Blue Cross PPO, Anthem Blue Cross PLUS, Anthem Lumenos, Core, Core Medicare, Anthem Blue Cross Medicare PPO and High Option Supplement to Medicare.
According to Anthem, the information accessed through the attack includes member names, member health ID numbers/Social Security numbers (Anthem does not possess Social Security numbers for UC students), dates of birth, addresses, telephone numbers, email addresses, and employment information such as the UC campus or medical center location and the separation date.
Anthem has created a dedicated website where current and former Anthem members can find information. Members may also call 1-877-263-7995.
UC is in communications with Anthem to understand the effect of this data breach on current and former Anthem members. Here is a summary of information Anthem has provided:
- Anthem’s investigation to date shows that no confidential health information (e.g., no claims information, no diagnosis) was accessed.
- Anthem has advised UC that there is no indication at this time that any employees’, retirees’ or students’ personal information has been misused.
- Anthem will enroll members affected by the attack in identity repair services. In addition, impacted members will be provided information on how to enroll in free credit monitoring. Anthem will notify affected members only by mail sent through the U.S. Postal Service.
- Once the attack was discovered, Anthem immediately made every effort to close the security vulnerability, contacted the Federal Bureau of Investigation (FBI) and began fully cooperating with its investigation. Anthem has also retained Mandiant, one of the world’s leading cybersecurity firms, to provide incident response and security assessment services.