Anthem Was Hacked

[scagnt83]

A client forwarded me an email from Empire/BCBS. Here is an excerpt:

Empire BlueCross was the target of a very sophisticated external cyber attack. These attackers gained unauthorized access to Empire's IT system and have obtained personal information from our current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Based on what we know now, there is no evidence that credit card or medical information (such as claims, test results or diagnostic codes) were targeted or compromised.

They have set up a web page about the hack:
http://anthemfacts.com

 

[AllenChicago]

Anthem and it's subsidiaries are trying to underplay the magnitude and importance of the data that was accessed.

First, they want to make sure the world knows that it was an "outside" hacker. Not one of their angel employees.

Second, they try to comfort you with.. "even though the hackers now have every bit of your Personal Identifying Information, not to worry, because they didn't find out that you had a hernia in 1974. We protected THAT database!"

Jonathan (people are stupid) Gruber helps big insurers word their letters, apparently. That's why they didn't come to their policyholder's defense when he was insulting all insurance buyers.
ac

 

[somarco]

Not one of their angel employees.

They (probably) don't know. Easiest way for hackers to get in is through phishing email sent to an employee.

On another note, one possible use of the purloined data is medical identity theft.

Credit cards have upper limits of anywhere from a few hundred to several thousand dollars. Once the card is used the fraud is exposed and the card is shut down.

But a health insurance ID card or Medicare card has an unlimited line of credit that can't be tracked by credit monitoring services.

It is easy enough for a thief to make a new Bob Vineyard Anthem Blue Cross card and pay a street person $20 to pretend they are me, walk into a clinic and get a prescription for drugs. Take the prescription to a pharmacy that is in on the scam, fill the order, then sell the drugs on the street.

Anthem Blue Cross Hacked - Georgia Medicare Plans (404) 252-5859

 

[kgmom219]

Would not surprise me if the data was not encrypted.

There is no chance it was encrypted. Part of the disaster with the exchange (both ffm and state) are the carrier systems.

They probably don't even know how to spell encryption.

 

[nylife11023]

If consumers think the govt is a safe haven for your information and is more efficient than private industry then they are just plain misinformed, delusional or both.

Could you elaborate on that?

To the best of my knowledge neither social security, medicare, nor the IRS has ever been hacked.

Are you saying it is a FACT that most people feel safer with Target, Home Depot, Staples, Chase, and Anthem having their personal data as opposed to the agencies of the federal government as stated above... or is your statement above just your personal opinion, or perhaps a statement based on personal experience?

 

[insurance404]

nylife11023,
We do have a single payer type system, it's called Medicaid...most clients love the "free" program until they have to use it or find a specialist. Then they bitch and moan that it's horrible coverage.

It's a horrible system, but at least it's something...exactly the same type coverage in Canada and Europe (I do sell health and know several doc's in Canada & UK), they say the public programs are where "people go to die".

About 80% of Canadians and UK have an additional Private plan...ironically about the same 80% in the USA.

 

[somarco]

To the best of my knowledge neither social security, medicare, nor the IRS has ever been hacked.

Would you expect them to announce it?

China Has Repeatedly Hacked Veterans Affairs Databases Since 2010, Lawmaker Says - Nextgov.com

VA Systems Hacked From Abroad - DataBreachToday

Are you saying it is a FACT that most people feel safer with Target, Home Depot,

Never said that.

Go back and read my post again.

 

[scagnt83]

Corporations have a legal obligation to disclose when clients sensitive personal data has been stolen. The government does not.

 

[RayNY]

"Anthem's own associates' personal information – including my own – was accessed during this security breach. "

FYI, brokers are "associates". Whatever personal info you placed on appointment paperwork, was stolen.

As of the most recent report I've seen, it appears that all records were compromised, and none were encrypted. They're trying to figure out just how many of the records were successfully transferred, as they claim to have caught it mid-transfer and stopped it, but neglect to say which part of the transfer was stopped (took all identities, stopped in financial data, for instance).

80 MILLION+ customers, (37.5m current, the rest former clients that they kept data on) and all "associates" (employees, brokers) were compromised, to be clear. By a factor of 20, this is the biggest health insurer breach in our nation's history, and possibly, the biggest breach ever.

They can downplay it all they want, but this is serious. Home Depot/Target losing credit card data is one thing, losing an identity is a bigger problem even if they make it seem minor next to financial and health data.

 

[AllenChicago]

Perhaps a black-operation within the US Government hacked Anthem. Would give Obama's people more "We need Single Payer" leverage at the upcoming Congressional hearings into this unprecedented breach.