Cybersecurity Breaches: What You Need to Know
Anthem Blue Cross Blue Shield and Premera Blue Cross have reported cybersecurity breaches affecting the personal information of more than 91 million policyholders - as many as one in four Americans. State insurance regulators are monitoring the breaches and urge you to take precautions to protect yourself from theft and identity fraud.
What happened?
In late January 2015, Anthem discovered the unauthorized access of consumer information including member names, member health identification numbers, dates of birth, Social Security numbers, addresses, telephone numbers, email addresses, employment information and income data.
In mid-March 2015, Premera announced that it discovered consumer information had been compromised including applicants and members' information, which could include member name, date of birth, email address, address, telephone number, Social Security number, member identification numbers, bank account information, and claims information, including clinical information. Individuals who do business with Premera and provided their email address, personal bank account number or Social Security number are also affected.
What are the companies doing to protect my information?
Anthem notified the Federal Bureau of Investigation once the breach was discovered, and is working with a cybersecurity firm to evaluate the extent of the attack. They have sent notices to their customers and are responding to consumer questions. They will be providing free credit monitoring and identity protection services to all who were affected.
Premera is also working with the FBI and a cybersecurity firm and are providing consumers with two years of free credit monitoring and identity theft protection from Experian ®. Premera is beginning to mail letters to affected individuals. If you believe you may have been impacted and have not received a letter by April 20, 2015, you should call 800-768-5817.
What should I do now?
Most importantly, stay calm, but continue to monitor your personal financial information. Both companies have said they are not yet aware of any fraudulent activity against policyholders because of the breach. However, as with any data breach, you should be on the lookout for suspicious account activity or anyone asking to collect sensitive information, like usernames, passwords and credit card information (referred to as phishing). It is important that you take action immediately to protect yourself.
If you are an Anthem consumer, call 877-263-7995, the toll-free number they have established to assist consumers. Anthem has also set up a special website at www.anthemfacts.com to answer questions.
If you think you might be affected by the Premera breach, visit http://www.premeraupdate.com/ or call 800-768-5817.
As an added precaution, you should type in the web address directly. Do not click on any links sent to you in an email or via social media, as scammers will try to take advantage of the breach. Often they will send phishing emails that appear to be from your bank or the company offering to help.
You may want to consider placing a freeze on your credit report with the three major credit reporting agencies. This allows you to restrict access to your credit report, making it more difficult for identity thieves to open new accounts in your name. Be sure to protect the information of your family as well – including children and elderly parents. For more information about a credit freeze, visit the Federal Trade Commission's Consumer Information Credit Freeze FAQs. Contact your bank or credit card company if you notice suspicious activity on your account. You may ask them to put a security block on your account or preemptively request a new credit or debit card.
Make sure to closely monitor your accounts, credit score, bank, credit card and other financial information. You should also monitor Explanation of Benefits (EOB) forms from your health insurer or Medicare. If you spot charges for medical services you did not receive, contact your health insurer or Medicare immediately.
More Information
For more information, contact your state insurance department.
About the National Association of Insurance Commissioners
As part of our state-based system of insurance regulation in the United States, the National Association of Insurance Commissioners (NAIC) provides expertise, data, and analysis for insurance commissioners to effectively regulate the industry and protect consumers. The U.S. standard-setting organization is governed by the chief insurance regulators from the 50 states, the District of Columbia and five U.S. territories. Through the NAIC, state insurance regulators establish standards and best practices, conduct peer reviews, and coordinate regulatory oversight. NAIC staff supports these efforts and represents the collective views of state regulators domestically and internationally.