Anthem, the nation’s second-largest health insurer, revealed this week that hackers stole potentially tens of millions of insured and employee records, including names, Social Security numbers, birthdates, medical identification, street addresses, email addresses and income data for employees.
The attack represented a “very sophisticated” effort by cyber criminals, Anthem reported, in a letter to customers and the public from President and CEO Joseph R. Swedish.
“Once the attack was discovered, Anthem immediately made every effort to close the security vulnerability, contacted the FBI and began fully cooperating with their investigation,” Swedish stated in the letter, adding that his own personal information was accessed.
Swedish said Anthem retained cybersecurity firm Mandiant to look at the company’s systems and identify solutions.
A full forensic investigation is underway, the insurer reported, the cost of which may be defrayed in part by cyber insurance coverage. According to documents obtained by Advisen, Anthem has a $10 million primary cyber policy, covering losses after retaining $5 million.
The firm also recently secured an excess coverage shared by several Lloyd’s syndicates, effective January 31, 2015, for an additional $15 million.
Anthem, which according to reports detected the attack on its own, has found no evidence that credit card data or sensitive medical records such as claims, test results or diagnostic codes were accessed.
The affected brands include Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and DeCare, across all product lines. Based in Indianapolis, Anthem merged with Wellpoint in 2004 to form its current structure.
The attack and the type of information stolen could leave consumers open to a frequently unacknowledged but increasing risk – medical identity theft, which is not always detected by traditional credit monitoring services.
Per the Coalition Against Insurance Fraud, “Medical thieves can heist your health-insurance number, Social Security number and other personal information. Often the information is stolen by employees at medical facilities, and resold on the black market. Thieves also may hack into medical databases or break into medical facilities.”
According to the Federal Trade Commission, signs of medical identity theft include bills for medical services the true insured didn’t receive; debt collections attempts over medical bills not incurred by the insured; collection notices on credit reports for unfamiliar medical debts; notices from insurers that benefit limits have been reached; and denials of services for medical conditions the insured does not have.