Health Insurer Anthem Hit with Huge Data Breach

San Francisco-based health insurer Anthem informed millions of its customers via e-mail Thursday morning that hackers had gained access to the company's computers. CustomersEU names, birth dates, Social Security numbers, addresses and employment data might have been stolen in the breach, first announced late Wednesday.

The attack could affect as many as 80 million current and former customers of Anthem. No credit card information was accessed in the attack, according to Anthem, which operates in 14 states, including California and New York, and is the nation's second-largest health insurance company. There does not seem to be any information about who was responsible for the hack or how they breached Anthem's systems.

The company said that its databases also contained information on Blue Cross-Blue Shield patients from all 50 states. "Anthem will individually notify current and former members whose information has been accessed. We will provide credit monitoring and identity protection free of charge so that those who have been affected can have piece (sic) of mind," Anthem President and CEO Joseph Swedish said in the e-mail to users.

Lucrative Records

The company is still looking into exactly how many records were actually stolen but said it believed it was in the tens of millions. The database that was infiltrated contained records for 80 million people. If that database file was taken it would be the largest healthcare breach to date, according to Mandiant, the computer security company Anthem has hired to evaluate its systems.

We reached Stu Sjouwerman, CEO of Clearwater, Fla.-based security firm KnowBe4, who told us the Anthem story was unusual in that the company discovered and reported the breach itself. He added that as a result of the breach, customers as well as human resource and finance firms will likely receive a flood of phishing e-mails disguised as notifications from Anthem.

Sjouwerman also...

Comments are closed.