If you are one of the up to 80 million subscribers of Anthem and its affiliated organizations, some of your vital data may be at risk. While you'll be notified by US mail if you are among that number, there are some immediate steps you should take to protect yourself if you think you may be affected. We'll discuss what happened, why it's important, what actions you should take and we'll provide some key resources for more information.
Anthem suffered a major hacking attack that exposed vital data for up to 80 million current and former customers and employees. The data included names, addresses, Social Security numbers, birthdays, email and employment information. Anthem said that it does not believe medical or healthcare information was compromised. Impacted plans include: Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare.
Learn more at www.AnthemFacts.com or call the Anthem toll-free number which was set up to respond to questions 1-877-263-7995.
What Anthem is doing
Anthem will contact current and former members in writing via U.S. postal service mail to offer details about the breach, whether you've been affected and how to enroll in free credit monitoring and ID protection services. Reports say these services will be provided for a year.
Why it matters
It seems like there is a security leak every week, so why is this one different? If this were a credit card, you could cancel the card or change passwords -- but if your Social Security number is exposed, you can't change that. Plus, because it is exposed with other key data, you would be ripe for identity fraud. Hackers could use your data to steal your identity, to lock you out of accounts or to open new lines of credit. Unfortunately, this is not a problem that will be quickly resolved -- hackers could hang on to data and use it in future years. Some security experts say this vulnerability creates a lifelong problem.
What you should do now
Do not panic, but if you think you may be exposed, take action to protect yourself right now - it may be a week or two before you hear from Anthem. Here are some steps that security experts recommend.
Be hyper vigilant about scams
There are already reports of bogus phone calls and phony emails trying trick you into giving up more data. Scams might pretend to be Anthem offering free credit monitoring or they may claim to be a credit protection service. Anthem said it will contact its customers only via mail delivered by the U.S. Postal Service. Calls and emails may look and sound realistic but Anthem says:
- DO NOT click on any links in email
- DO NOT reply to the email or reach out to the senders in any way.
- DO NOT supply any information on the website that may open, If you have clicked on a link in email.
- DO NOT open any attachments that arrive with email.
File for annual free credit reports
You are eligible to get a free report from each of the three major credit bureaus - Experian, Transunion and Equifax - every12 months. Be sure to use the only FTC authorized site www.annualcreditreport.com to request your reports. When you get reports look for unauthorized or unexplained activity. Here is what to look for on your reports.
Place a fraud alert on your credit reports
Use one of the three credit reporting companies to put a fraud alert on your credit report. The FTC says that if you request a fraud alert from one, "They must tell the other 2 companies. An initial fraud alert can make it harder for an identity thief to open more accounts in your name. The alert lasts 90 days but you can renew it." Mark your calendar to renew in 90 days. Here is more info on How to place a fraud alert
Monitor your financial accounts
Check your bank accounts, 401k and brokerage accounts, credit and debit card accounts regularly. Watch for suspicious activity such as transactions you don't recognize and report it immediately. See: How to spot fraud.
File your taxes early.
Many experts suggest that you file taxes early. The Connecticut Commissioner of Insurance says that the personally identifiable information “is exactly what tax fraud thieves use to make false refund claims that appear to be legitimate.” But again - watch out for the very common tax scams that promise to help you get your refund sooner.
Change passwords to key accounts.
Change your password for your Anthem account. it's also a good time to change the password for key financial accounts - which you should change periodically anyway. Use a different password for every important account. Learn how to make and test secure passwords. You might consider the added security of a password manager and 2-factor authentication.
Make copies of your medical records
Anthem says there is no evidence that financial or medical information was compromised, but some security experts suggest that "just in case," consumers may want to get or create a copy of their medical file so they have an accurate version of their history.
Consider Identity Theft insurance or protection
Your current homeowners or other insurance policies may protect you against some fraud. Learn more about identity theft insurance and what it does and doesn't cover.
If you believe you are the victim of identity theft
File and obtain a police report from your local police department and report fraud to the FTC. Having an Identity Theft Report may limit your liability for fraudulent accounts created in your name.
If you have reason to think you have been compromised, you can initiate a credit freeze to lock down your credit. The FTC says: "Also known as a security freeze, this tool lets you restrict access to your credit report, which in turn makes it more difficult for identity thieves to open new accounts in your name. That’s because most creditors need to see your credit report before they approve a new account. If they can’t see your file, they may not extend the credit." However, while credit is frozen, it might affect your needs too so be sure to read Credit Freeze FAQs .
More tips from security experts
Anthem hack: Seven ways to protect yourself right now
Anthem breach: 5 defensive tips to take now
Phishers Pounce on Anthem Breach
Anthem question line: 1-877-263-7995.
Annual Free Credit Reports
FTC - Identity Theft - immediate steps to repair identity theft and credit
FTC - Signs of Identity Theft
Who's my State Attorney General
ESI employee members and their families can log in to the Member site to access Cyber Safety Resources for more tools and information on cyber security, phishing, passwords and more.
Employers: If you don't have an EAP or would like to check out alternatives, Employee Assistance Program give us a call: 800-535-4841.