The nation’s second largest health insurer, Anthem, alerted its customers on Wednesday that hackers had stolen the personal information of likely tens of millions of customers.
Personal information including addresses, birthdays, medical identification numbers, social security numbers and some income data belonging to both current and former customers were swept up in the cyber attack, according to a statement from Anthem CEO Joseph Swedish. In somewhat of a silver lining, at this time the company does not believe the hackers stole any medical information or payment information.
He wrote the company is notifying members individually if their information was accessed.
“Anthem’s own associates’ personal information – including my own – was accessed during this security breach,” he wrote. “We join you in your concern and frustration, and I assure you that we are working around the clock to do everything we can to further secure your data.”
Swedish wrote the insurer has notified the FBI and has fully cooperated with their investigation. He added the company has also brought on cybersecurity firm Mandiant, the firm that exposed ongoing cyber attacks from the People’s Libertarian Army in 2013. Despite these efforts, the company has not yet identified the attacker.
USA TODAY reports the attack could impact up to 80 million Anthem customers, double the number of payment cards affected by the breach of Target last year.
Although this announcement feels all too familiar following the string of recent hacks on companies ranging from Sony to JP Morgan, the Wall Street Journal notes this breach differs from others because Anthem discovered the breach itself and quickly notified the public. Hopefully for consumers, this marks a shift in how companies will approach similar hacks in the future.
The hack affected a wide array of Anthem brands, including Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and DeCare.
The company has set up a website and a toll-free number (1-877-263-7995) for customers to access updates and ask questions related to the hack. The company will also provide a credit monitoring and identity protection service free of charge.