After cyber attack, Anthem offers identity theft protection to current, former members
In response to a recent data breach, Anthem, Inc. is offering identity repair assistance and credit monitoring services to current members and to former members enrolled in 2004 or later.
Members may receive an email regarding these services from Anthem beginning the week of Feb. 16. They will also receive a letter from Anthem in the coming weeks, but there is no need to wait for the letter before you begin using the services.
As many of you have heard in the news, Anthem, Inc. disclosed on Feb. 5, 2015, that the health insurer was the target of a very sophisticated external cyber attack and that accessed data for its 80 million members . This potentially includes information about UC students, faculty, staff and retirees, as well as their dependents.
In addition, on Feb. 6, Anthem notified UC of a phishing scam related to the cyber attack. The phishing scam, which sends out an email under Anthem's logo, includes an offer to sign up for a year of credit card protection. If you receive an email similar to this, do not respond to and do not click on any of its links.
Currently, Anthem is the network provider and claims administrator for UC SHIP, the university's student health insurance plan, at UC San Francisco, Hastings College of the Law, UC Santa Cruz, UC Irvine (graduate students only), UC Merced, UCLA and UC San Diego. UC Irvine undergraduates and UC Davis students have only their vision insurance through Anthem. Anthem provided services for UC SHIP at all campuses from August 2011 through July 2013.
From 2003 until Jan. 1, 2014, Anthem also provided health insurance to UC employees and retirees and their dependents. The UC Anthem plans included Anthem Blue Cross PPO, Anthem Blue Cross PLUS, Anthem Lumenos, Core, Core Medicare, Anthem Blue Cross Medicare PPO and High Option Supplement to Medicare.
According to Anthem, the information accessed through the attack includes member names, member health ID numbers/Social Security numbers (Anthem does not possess Social Security numbers for UC students), dates of birth, addresses, telephone numbers, email addresses, and employment information such as the member's UC campus or medical center location and, for retirees and former employees, the separation date.
Anthem has created a dedicated website AnthemFacts.com, where current and former Anthem members can find information. Members may also call 1-877-263-7995.
UC is in communications with Anthem to understand the effect of this data breach on current and former Anthem members. Here is a summary of information Anthem has provided:
- Anthem's investigation to-date shows that no confidential health information (e.g., no claims information and no diagnoses) was accessed.
- Anthem has advised UC that there is no indication at this time that any employees', retirees' or students' personal information has been misused.
- Anthem will enroll members affected by the attack in identity repair services. In addition, impacted members will be provided information on how to enroll in free credit monitoring. Anthem will notify affected members only by mail sent through the U.S. Postal Service.
- Once the attack was discovered, Anthem immediately made every effort to close the security vulnerability, contacted the Federal Bureau of Investigation (FBI) and began to fully cooperate with their investigation. Anthem has also retained Mandiant, one of the world's leading cybersecurity firms, to provide incident response and security assessment services.