Anthem Health Insurance formerly known as WellPoint and owners of the famed BlueCross BlueShield service reported today that hackers had penetrated its computer network gaining access to a treasure trove of customer and employee information including that of company CEO Joseph Swedish.
Anthem is the nation’s second-largest health insurer covering nearly 37 million people. The company said it was contacting customers impacted by the “very sophisticated” cyberattack and was working to figure out how many of its customer are at risk due to the hack.
Anthem reported that the hackers gained access to customer’s names, birth dates, email addresses, employment details, Social Security numbers, income information and street addresses of people who are currently covered or have been covered in the past.
The Indianapolis-based insurer said credit card information was not lost and it has no evidence that medical information, insurance claims or test results were targeted or obtained.
The insurer admits that all of its product lines were affected including Anthem Blue Cross, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield and Amerigroup.
Anthem sells mainly private individual and group health insurance and dental and vision coverage. It also sells plans on the public insurance exchange and Medicare and Medicaid.
Anthem is working with FBI to investigate the attack and the company has hired Internet security company Mandiant to bolster its network defenses. The insurer will provide free credit monitoring and identity protection services.
The FBI urged Anthem customers contacted by the insurer to report suspected instances of identity theft.
Breaking It Down
Another sophisticated attack with millions of identities lost. There are a few things you need to pay careful attention to in this news story because I smell what the bull left in the yard.
First of all a company of this size has the methods and the budget to protect customer information from any attack no matter how sophisticated. I’m betting it was some failure on their part that this happened and if you watch the news in the next few weeks it will come out. I promise you that!
Second, who cares if the CEO’s information was lost? Thirty-seven million people are at risk from this attack and Anthem thinks it makes a difference that the CEO is one of them. Tell him I said welcome to the club! And who gives a damn if no insurance records or insurance claim information or credit card information were compromised? If I read the reports right what was lost included customer’s names, birth dates, email addresses, employment details, Social Security numbers, income information and street addresses of people who are currently covered or have ever been covered was stolen! So what else does the hacker need? The person or persons took exactly what they wanted and has no need for the rest of that crap!
Finally, when this type of attack is revealed then the FBI should be looking at the company as being criminally negligent in the protection of your data. Why? Because as the customer who lost this sensitive information, you can’t do a damn thing to them! Let me make sure you understand this. The courts have ruled you can’t sue for any compensation for your lost information unless you can prove some harm came to you as a result of the loss. So you need to go through the hell of finding out someone stole your identity, bought a house and car, took a vacation to Fiji and stuck you with the bill. Then you can get a lawyer and file a lawsuit and go up against a major corporation with a multi-million dollar legal budget to fight you. I told you, I smell what the bull left in the yard!