Anthem, the second-largest health insurer in the United States, has experienced a data breech that may turn out to be the largest health care breach to date, as the compromised database holds records of some 80 million individuals. Anthem has not disclosed much of the details surrounding the cyber attack, but the company’s CEO, Joseph Swedish, issued a public statement, in which he says Anthem was the victim of a “very sophisticated external cyber attack.”
Swedish did offer some details about the types of compromised data: “These attackers gained unauthorized access to Anthem’s IT system and have obtained personal information from our current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data.” Swedish also said that “Anthem’s own associates’ personal information – including my own – was accessed during this security breach.” As of now, “no credit card or medical information, such as claims, test results or diagnostic codes were targeted or compromised.”
The breach impacted customers of all of Anthem’s product lines: Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and DeCare. But, the actual number of affected individuals has yet to be determined.
Anthem promised to notify each of the affected customers in writing, and provide credit monitoring and identity protection services free of charge, which is common and required by data privacy laws in most states.
This is a fast-moving story, so we’ll keep you updated on events as and when they occur.