Anthem insurance hacked.

[terrehautian]

Figure, my work switched from United Health Care to Anthem and this happens. No mail from them yet about it. I will say that with Anthem, my last health check visit went from $25 to $9.15.

 

[Ballstater98]

Here is the email:

To Our Members:

Safeguarding your personal, financial and medical information is one of our top priorities, and because of that, we have state-of-the-art information security systems to protect your data. However, despite our efforts, Anthem Blue Cross Blue Shield was the target of a very sophisticated external cyber attack. These attackers gained unauthorized access to Anthem’s IT system and have obtained personal information from our current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Based on what we know now, there is no evidence that credit card or medical information (such as claims, test results or diagnostic codes) were targeted or compromised.

Once the attack was discovered, Anthem immediately made every effort to close the security vulnerability, contacted the FBI and began fully cooperating with their investigation. Anthem has also retained Mandiant, one of the world’s leading cybersecurity firms, to evaluate our systems and identify solutions based on the evolving landscape.

Anthem’s own associates’ personal information – including my own – was accessed during this security breach. We join you in your concern and frustration, and I assure you that we are working around the clock to do everything we can to further secure your data.

Anthem will individually notify current and former members whose information has been accessed. We will provide credit monitoring and identity protection services free of charge so that those who have been affected can have peace of mind. We have created a dedicated website - AnthemFacts.com - where members can access information such as frequent questions and answers. As we learn more, we will continually update this website and share that information with you. We have also established a dedicated toll-free number that both current and former members can call if they have questions related to this incident. That number is: 1-877-263-7995.

I want to personally apologize to each of you for what has happened, as I know you expect us to protect your information. We will continue to do everything in our power to make our systems and security processes better and more secure, and hope that we can earn back your trust and confidence in Anthem.

Sincerely,


Joseph Swedish
President and CEO
Anthem, Inc.

Almost word for word as the email I got.

 

[Cameramonkey]

Could explain why my bank is sending me a new debit card. Said I was at risk of unauthorized charges, out of the blue, sending new cards with new numbers.

Probably unrelated. I had that last month. It means your card info was hoovered up in a breech of a merchant you used that card at. I use Anthem too and they have no knowledge of the card of mine that was replaced.

Seems like every time this happens it comes out that the company knew for months.

Could be the companies just hope no one finds out, or maybe law enforcement wanted some time to track the culprits while they were still unsuspecting. Who knows.

Yes. I do some IT forensics. You never just slam the door closed on one of these hacks. If you do all you know is SOMEBODY got the info and thats not very helpful. Sometimes it takes time for them to sit quietly and watch them working to figure out who/where they are so they can be caught. Its like seeing something missing from your barn. If you just put a new lock on the door you are out your tools with nobody to blame. Now if you instead quietly install a game camera and/or stake out the barn to wait for them to return... Thats what they did.

Oh, and also, if you ever find a CD/DVD or thumb drive laying around with no markings? NEVER EVER EVER pick it up and stick it in your computer to see whats on it. Thats an attack vector some use to infiltrate companies. they scatter a thumb drive or two around an employee parking lot and then wait. Somebody finds it on their lunch hour, sticks it in their work computer, and boom. Infected... giving the bad guy access to that workstation from the internet. (and possibly login credentials, etc) And if its a custom piece of code, 99% of the antivirus software wont even blink when it runs. They rely on "fingerprints" in the code to detect it. What Norton, Mcaffee, Avast, etc all use is based on somebody like me finding suspicious software on a computer and reporting it to them. Once they have seen it and verify its bad, they can add that to their database for the rest of their customers to be able to detect it. Behavior based antivirus can catch it, but that technology is finicky and expensive, so few bother with it.

 

[mom45]

No email but we've had Anthem for a long time. They are recommending you do a free credit report and put a freeze on your credit. They are also saying kids are at high risk for identity theft since it wouldn't be discovered for years in most cases.

Something to think about if you have young children.

 

[kiddchaos]

The hacked database included information for some current and former customers.

I fall into both these categories, since I had them twice now, for different jobs.

 

[wtburnette]

No email but we've had Anthem for a long time. They are recommending you do a free credit report and put a freeze on your credit. They are also saying kids are at high risk for identity theft since it wouldn't be discovered for years in most cases.

Something to think about if you have young children.

The freeze on the credit from the big three is a fantastic idea and one I'm going to implement myself. For anyone considering this move:

How to Freeze Your Credit - Equifax Credit Security Freeze
https://www.experian.com/freeze/center.html
Credit Freeze | Place a Security Freeze on Your Credit | TransUnion

 

[hoosierdoc]

Requesting a security freeze for a minor child?s credit report | Ask Experian

 

[rob63]

If you are an Indiana resident, you can use the Attorney General's website to place the credit freeze free of charge. It may work that way anyway through the other sights since it is a state law, but I know this works from personal experience.

Attorney General: Credit Freeze

 

[Mr Evilwrench]

Yeah I had a heckofatime getting a valid CreditKarma account because they wouldn't believe me when I told them (honestly) that I didn't have such and such store credit, a car loan, a mortgage etc. I finally answered one of their questions to their satisfaction and got in. Somehow I still have good credit.

 

[rgrimm01]

Haven't got my letter yet, but like many of you, I am expecting it... It chaps my butt that they collect all of this data on us, then have it stolen.

 

[MrsGungho]

well, I will try not to worry to much. I'll make the calls today. Especially for my son, who is only 11 years old.

I need to try to remember if my daughters were ever on an Anthem policy with us now. Oh heck, I'll just tell them to call and put a fraud alert on for now.

had heard the news last night, just haven't gotten anything from Anthem yet. And our policy just expired too

 

[ben992]

I wish I could find out if Anthem and Highmark were the same thing.

 

[Gadgetmonster]

Just in time for tax season!
Crooks are hungry for your name, address and SS#. With that they can file in your behalf for your tax refund. And they will get it.
Then when you file you will get a letter telling you you already filed.

So get ready to file with a dozen agencies proving who you are and alerting them you have been a victim of identity theft.
It is Horse Shix. There is no check by the IRS for who you are. They just send the crook your refund.
After you have been pooched the IRS then gives you a PIN to use on your return when you file in the future.

Fn crooks are having a heyday pocketing your refund right now.

 

[Mark-DuCo]

How do these credit feezes work, I have Anthem and my son is on my policy as well. I am planning on buying a house in the next few months, so i really don't need anything to screw up my credit. Would a credit freeze affect my ability to get a mortgage?

 

[WebSnyper]

This breach reportedly included more than just current members. From what I understand anyone that had anthem at some point is included. As noted above, a malicious individual with this much personal data can definitely do some harm. I seriously doubt that Anthem will cover credit monitoring for all involved. LAst Christmas when Target was hit they didnt help anyone...

Target offered a free sign up for Credit monitoring. You did not have to prove you were even in the potentially impacted group. That is not enough of a penalty for a company, but they did offer it.

No email but we've had Anthem for a long time. They are recommending you do a free credit report and put a freeze on your credit. They are also saying kids are at high risk for identity theft since it wouldn't be discovered for years in most cases.

Something to think about if you have young children.

Agreed, and at least when I tried to get a free credit report on my kids recently I was unable to do so. I'll have to look at some of the links people have posted in this thread to see what can be done.

 

[hoosierdoc]

.. It chaps my butt that they collect all of this data on us, then have it stolen.

It's an impossible situation for them. Fraud is so huge that they need demographic match with hospitals and doctors to ensure it's the correct patient. That means anthem needs to have interfaces with dozens if not hundreds of software packages that allows transmission and confirmation of demographics. It's bound to have a flaw.

hackers will always be able to enter systems through gaps in security. Always. How do you prevent it? Unhook from outside connections, which renders your network about useless.

this is the new normal.

 

[mom45]

I placed a freeze on all three accounts for my husband and I and printed out our free annual credit report. The link for Transunion wouldn't work but I called the 800 number that came up and was able to do it on their automated phone system for both of us.

 

[Leadeye]

How much can hackers get just by paying some disgruntled employee a wad of cash. Stealing the old fashioned way through bribes.

 

[Cameramonkey]

Just in time for tax season!
Crooks are hungry for your name, address and SS#. With that they can file in your behalf for your tax refund. And they will get it.
Then when you file you will get a letter telling you you already filed.

So get ready to file with a dozen agencies proving who you are and alerting them you have been a victim of identity theft.
It is Horse Shix. There is no check by the IRS for who you are. They just send the crook your refund.
After you have been pooched the IRS then gives you a PIN to use on your return when you file in the future.

Fn crooks are having a heyday pocketing your refund right now.

All the more reason to make sure you are claiming the proper amount of deductions on your W4. If you have kids, it is probably WAY more than you think. In our case its more than two per person to make sure we dont get a refund.

I keep my money on every paycheck and end up writing the feds a small check instead of giving them a free loan for the year.

In theory, if you dont have a refund to get, you cant lose it.


How messed up is it that in order NOT to let the government take too much of your money you have to do things that are counterintuitive?

 

[cobber]

Transunion freeze site temporarily unavailable...


JAQ here. Could this be a federal undertaking to drive people away from private insurers AND provide a pool of identities to supply to illegal aliens, erm, undocumented guests?