Massive Data Breach at Health Insurer Anthem

Up to 80 million people’s personal information, including Social Security Numbers have been compromised in the largest-ever health care breach. The breach affected both members and employees of Anthem Health company, including the CEO himself. They created a website dedicated to the breach.

Site Link

FAQ Link

Here’s the information that’s been compromised:

  • names
  • birthdays
  • medical IDs/social security numbers
  • street addresses
  • email addresses
  • employment information
  • income data

Here’s what hasn’t been shown to have been affected:

  • credit card information
  • medical information such as claims, test results or diagnostic codes

As a matter of comparison, in the well-known Target data breach, there were up to 70 million affected, versus the 80 million in this Anthem breach. Anthem does not report any laxity in their security protocol, rather “Anthem was the target of a very sophisticated external cyber attack”, according to CEO Joseph Swedish.

The company vows to provide credit monitoring for the affected members:

How can I sign up for credit monitoring/identity protection services?

All impacted members will receive notice via mail which will advise them of the protections being offered to them as well as any next steps.

This breach would appear to be much more significant than the multitudes of other breaches we’ve had recently, since SSN’s were affected as well. This would make it easy, for example, for the thieves to open bank account or credit cards using the stolen information.

Some are reporting that the fact that there was no breach of medical information isn’t really a major deal, “The personally identifiable information they got is a lot more valuable than the fact that I stubbed my toe yesterday and broke it”. But according to other sources stolen identities that contain medical records are worth much more than a simple SSN.

A stolen credit card number sells for about $1 on the black market. A SSN with a credit card sells for about $5. And stolen medical records go for around $50. It’s not fun hearing these numbers thrown around, but it shows the significance of the fact that medical records have not been compromised.

We still need to find out more on the details of the credit monitoring being offered, but in this case – that SSNs were compromised – it seems especially important.

Subscribe
Notify of
guest

3 Comments
newest
oldest most voted

Debt Hater
Debt Hater (@guest_71826)
February 7, 2015 17:47

Of course my company uses Anthem, we received two e-mails internally about this whole thing but I haven’t heard anything directly from Anthem. What I’m confused about is how do they determine who was “affected”? If everyone’s data was hacked, just because my information wasn’t used/sold yet – can’t it be used in the future?

Seems like it would be a better idea to just offer everyone credit reporting to be safe. They already screwed up with the hacking.

Michael
Michael (@guest_71551)
February 6, 2015 22:59

We just started health insurance at our workplace with Anthem. Corporate sent out email that phone numbers were called/ emails sent that numerous people within the company were trying to sell anti-virus product. So yeah, there’s that.