Thursday, February 05, 2015

Anthem Hacked [UPDATED]

Picking up on where Bob left off ...

As you've no doubt already heard, hackers were able to gain access to Anthem's systems, and access the personal information of both clients and employees (it's not clear whether "employees" include independent agents/brokers who represent the carrier). All told, it appears that over 80 million folks were affected.

To its credit, Anthem sent out an email last night addressing the problem:

To our valued business partner:

Safeguarding your clients’ personal, financial and medical information is one of our top priorities, and because of that, we have state-of-the-art information security systems to protect your data. However, despite our efforts, Anthem was the target of a very sophisticated external, cyber attack. These attackers gained unauthorized access to Anthem’s information technology (IT) system and have obtained personal information from our current and former members such as their names, birthdays, member ID/Social Security numbers, street addresses, email addresses and employment information, including income data. Based on the information we know now, there is no evidence that banking, credit card, medical information (such as claims, test results, or diagnostic codes) were targeted or compromised.

Once the attack was discovered, Anthem immediately made every effort to close the security vulnerability, contacted the Federal Bureau of Investigation (FBI) and began fully cooperating with their investigation. Anthem has also retained Mandiant, one of the world’s leading cybersecurity firms, to evaluate our systems and identify solutions based on the evolving landscape. [ed: emphasis added, see below]

Anthem’s own associates’ personal information was accessed during this security breach. We join you in your concern and frustration, and we assure you that we are working around the clock to do everything we can to further secure your clients' data.

Anthem will individually notify current and former members whose information has been accessed. We will provide credit monitoring and identity protection services free of charge so that those who have been affected can have peace of mind. We have created a dedicated website ( where members can access information such as frequently asked questions and answers. We have also established a dedicated toll-free number that both current and former members can call if they have questions related to this incident. That number is: 1-877-263-7995. As we learn more, we will continually update this website and share that information with you.

We want to personally apologize to you and your clients for what has happened, as we know you expect us to protect your information. We will do everything in our power to make our systems and security processes better and more secure, and hope that we can earn back your trust.


Ken Goulet
President, Commercial and Specialty Business

Erin Hoeflinger
Ohio Plan President


Regarding Mandiant and cyber-remediation: on the one hand, this seems very much like closing the barn door. On the other, at least they recognize their vulnerability, and are seeking to mitigate and minimize it. One suspects that Mandiant (and its competitors) will be very busy going forward, as other insurers take stock of their own potential weak spots.

UPDATE: FoIB Holly R catches this from Bloomberg:

"... hackers obtained data on tens of millions of current and former customers and employees"

And asks: "How former?"

Good question, disturbing implications.
blog comments powered by Disqus