The recent hack of Anthem Blue Cross puts millions of people who have health insurance with the company at risk. It appears the hack is sufficiently pervasive for hackers to gain access to nearly all customer information maintained by the health insurer including the holy grail of identity theft – social security numbers. If you are or have been insured by Anthem Blue Cross, following is a plan of attack for limiting the damage of the hack.
As you can imagine, Anthem has been hesitant to reveal anything in particular about the hack of its systems. Piecing information together, it appears hackers gained access to Anthem data after a malicious bit of malware type software was loaded onto the computer of a high-level employee. The login information for that employee was then copied and used to gain access to the system.
Scarily, the discovery of the hack only happened after another employee noticed someone in the Anthem system was using their identity to query large amounts of customer data. Given this, there is no telling how long the hack has been in place nor the scope of data accessed by the hackers.
Unlike many hacks, the Anthem breach is a significant threat to its customers. The problem with the Anthem hack is the perpetrators gained access to customer information including:
- Social security number,
- Income levels,
- Birth date,
- Legal name, and
This information constitutes a treasure trove for identity thieves. A hack of a company such as Home Depot, in contrast, only produces a name and credit card number. Besides burning duplicate credit cards that will quickly be shut down, this information is of little use. With the Anthem data, thieves can open new credit accounts, sell the information to people seeking new identities and undertake a number of other actions that will cause you no end of nightmares. Anthem customers must respond pro-actively to this threat.
Contact Credit Agencies
If you are a current or former customer of Anthem, you should contact the three major credit monitoring agencies to place a “fraud alert” on your account. The alert tells creditors to contact you at a phone number you provide before issuing any new credit in your name. This notification helps prevent thieves from taking out loans or opening credit cards in your name. The alert lasts for 90 days, and you can renew it. There is no cost to place a fraud alert. You can reach each agency as follows:
- Experian: 888-EXPERIAN
- Trans Union: 800-680-7289
- Equifax: 888-766-0008
You can also seek a freeze on your credit. You must pay for the freeze, but the cost is usually nominal – $10 or so. Use the same contact numbers above to place the freeze with each institution.
To its credit, Anthem is stepping up to assist customers at this time as well. The company is arranging for free credit monitoring for you through AllClear ID. Anthem is also providing you with free identity theft insurance through the same company. If a problem arises, AllClear will work to resolve it and cover the costs of doing so through the insurance. Visit AnthemFacts.com to learn more about the free protection.
The Anthem hack is not just another company suffering a data breach given the exposure of social security numbers. If you are or have been a customer of Anthem, make sure to take steps to protect your identity and credit profile.
Richard A. Chapo, Esq.