Anthem Data Breach

Gov Delivery Notifications
anthem logo

Consumer Tips Regarding Anthem Data Breach

Anthem Blue Cross Blue Shield reported that it was a victim of a cyberattack and there was a breach involving the personal information of more than 2 million Missourians. The Missouri Department of Insurance is monitoring the Anthem security breach and wants to help affected policyholders protect themselves.

Updated Information as of Feb. 23, 2015

Anthem has provided information to the Department that shows one in three Missourians' personal information was compromised during the breach. Members who have provided e-mail addresses to Anthem and have opted in to receiving communication may receive an e-mail directing them to visit AnthemFacts.com to sign up for credit protection services.

This e-mail is scheduled to be distributed the week of Feb. 16.

A copy of the email will be posted on AnthemFacts.com, and is the exact information in the letters members will receive via US Postal Service. It will not ask for personal information and will not contain a link to any websites other than AnthemFacts.com.

Current and former Anthem members dating back to 2004 whose personal information was included in the database that was compromised can now visit AnthemFacts.com to learn how to enroll in two years of free credit monitoring and identity theft repair services provided by AllClear ID.

It is important for consumers to know they can access these services prior to receiving notification from Anthem. Those notifications will be mailed to affected consumers in the coming weeks. Consumers will be able to access these services at any time during the 24-month coverage period.

The free identity protection services provided include two years of:

  • Identity Repair Assistance - Should a member experience fraud, an investigator will do the work to recover financial losses, restore the member’s credit, and ensure the member’s identity is returned to its proper condition. This assistance will cover any fraud that has occurred since the incident first began.
  • Credit Monitoring - At no cost, members may also enroll in additional protections, including credit monitoring. Credit monitoring alerts consumers when banks and creditors use their identity to open new credit accounts.
  • Child Identity Protection - Child-specific identity protection services will also be offered to any members with children insured through their Anthem plan.

Identity theft repair services are available to Anthem members who feel they have experienced fraud. For members who have been impacted by the cyberattack, these services are automatically available and do not require enrollment.

Additional protections through credit monitoring services require members to actively enroll because members must provide their personal information and consent to have their credit monitored.

For more information about how to enroll in the services offered by Anthem, visit AnthemFacts.com

What happened?

On Jan. 29, 2015, Anthem discovered the unauthorized access of consumer information including member names, member health identification numbers, dates of birth, Social Security numbers, addresses, telephone numbers, email addresses, employment information and income data. The breach was discovered by a database administrator who noticed his credentials were being used without his knowledge or consent. The database access was immediately shut down and every Anthem employee was required to reset their passwords. Anthem currently has 37 million enrollees nationwide. The data compromised could also include past enrollees – potentially up to 80 million people could have information compromised.

What is Anthem doing to protect my information?

Anthem notified the Federal Bureau of Investigation once the breach was discovered, and sent notices to Anthem consumers responding to consumer questions. Anthem is also working with a cybersecurity firm to evaluate the extent of the attack. Anthem will notify affected consumers by the U.S. Post Service. They are providing free credit monitoring and identify protection services to all who were affected.

What is the Department doing?

The Department is meeting regularly with Anthem to determine how many Missourians were impacted by the breach. The Department will continue to monitor the situation to ensure impacted consumers receive resources they need to avoid financial distress as result of the breach.

The Department works collaboratively with other state insurance regulators throughout the country, through the National Association of Insurance Commissioners (NAIC). Given the potential scope of the breach and the number of consumers impacted, the NAIC is taking the unprecedented action of launching a multi-state examination of the Anthem companies. The NAIC indicates that it anticipates all 56 states and territories will sign on to the examinations, which will be inclusive of all subsidiaries and affiliates of Anthem affected by the breach. States with significant Anthem business will take the lead. Those states include Missouri, Indiana, California, Maine, North Dakota, South Carolina and New Hampshire.

What should I do now?

Most importantly, stay calm and continue to monitor the situation closely. Anthem has said it is not yet aware of any fraudulent activity against policyholders that has occurred as a result of the breach. However, as with any data breach, be on the lookout for suspicious activities that may try to phish or collect sensitive information, like user names, passwords and credit card information. It is important that you take action immediately to protect yourself.

Call (877) 263-7995, the toll-free number Anthem has established to assist consumers. Anthem has also set up a special website at AnthemFacts.com to answer questions. Be sure to type in the web address directly. Do not click on any links sent to you in an email or via social media, as scammers will try to take advantage of the breach. Often they will send phishing emails that appear to be from your bank or Anthem offering to help. Consumers can also contact the Department of Insurance Consumer Hotline at 800-726-7390.

You may want to consider placing a freeze on your credit report with the three major credit reporting agencies. This allows you to restrict access to your credit report, making it more difficult for identity thieves to open new accounts in your name. Be sure to protect the information of your family as well – including children and elderly parents. For more information about a credit freeze, visit the Federal Trade Commission's Consumer Information Credit Freeze FAQs.

Contact your bank or credit card company if you notice suspicious activity on your account. You may ask them to put a security block on your account or preemptively request a new credit or debit card.

Make sure to closely monitor your accounts, credit score, bank, credit card and other financial information.