Follow Us

'Sophisticated' Anthem Breach Could Affect Millions

The health insurer, which serves 69 million people, says it suffered a cyberattack that might have put users' sensitive personal information at risk.

'Sophisticated' Anthem Breach Could Affect Millions

Getty Images / David McNew

Posted: 10:48 a.m. EST Feb 5, 2015

Well, at least we made it one month into 2015 without any major data breaches. Anthem, the U.S.' second-largest health insurer, has been hacked.

The company released a statement saying it was the target of a "very sophisticated external cyber attack."

So far, Anthem is saying compromised information includes names, dates of birth, member IDs, addresses, phone numbers, email addresses, employment information and Social Security numbers.

That last one is a big one. Unlike payment information or email addresses, Social Security numbers are not only hard to change, but also grant wider access to personal information used for identity theft when used with birth dates and names.

While Anthem has yet to estimate just how many of its customers have been affected, the company says it serves about 69 million people in total. So depending on the scope of the attack, tens of millions of Americans may be affected.

So what are customers to do? Wait, for now. Anthem says it will offer free identity repair services and credit monitoring for those affected, and Anthem plans to contact those people by mail.

As for what Anthem is doing to find out who the hackers are, The Wall Street Journal says they've hired the folks at Mandiant to investigate the cause.

A spokesman for Mandiant's parent company told Bloomberg the malware used to hack into Anthem's systems was sophisticated enough to be customized, which could mean it was an advanced attacker.

It's notable that Anthem appears to have discovered this hacking attack and reported it quickly, unlike companies which suffered similar challenges in the past.

When Target was hacked in 2013, the retail giant had been notified user accounts were compromised weeks before it finally announced there was a breach in December.

In a statement, the FBI complimented Anthem's quick action after discovering the attack, saying it "is a model for other companies and organizations facing similar circumstances."

In a questions-and-answers page, Anthem says hackers did not access medical diagnosis or treatment data. So far, credit card numbers don't appear to have been stolen, either.

This video includes images from Getty Images.

Top Stories

Flames from the Donnie Creek wildfire burn along a ridge top north of Fort St. John, British Columbia.

As climate warms, wildfires could make air more deadly, study says

Researchers say poor air quality as a result of wildfires will cause thousands of additional deaths per year in the U.S.

Aerial view of Wootton High School in Maryland.

Maryland teen arrested for allegedly planning school shooting

Authorities said the 18-year-old high school student wrote a 129-page manifesto detailing plans to gain notoriety by shooting up a school.

United Airlines planes.

'Unauthorized person' reportedly in flight deck during MLB team flight

An investigation has been launched after video posted to social media appears to show a Colorado Rockies coach in the plane's cockpit during flight.