Earlier this morning, some
employees were alerted through e-mail or news outlets that Anthem experienced a sophisticated
attack on their databases. Anthem has exhaustively been working with the
FBI, security experts, and federal and local regulators (including our
Department of Insurance) to contain the issue and move forward. While
still determining the extent of the attack, potentially up to 80 million
current and former Anthem customers' personal information may have been
compromised, including employees covered under State medical or vision plans.
The State Personnel Department is in close contact with our Anthem affiliates to provide you the latest information available. In the meantime, Anthem has committed to:
- Individually notifying current and former members whose information has been accessed.
- Providing credit monitoring and identity protection services free of charge so that those who have been affected can have peace of mind.
- Creating a dedicated website (www.AnthemFacts.com) where members can access information such as frequently asked questions and answers.
- Establishing a dedicated toll-free number that both current and former members can call if they have questions related to this incident. That number is: 1-877-263-7995.
For those members that do not have a registered e-mail with Anthem, text of the message sent this morning is included below. SPD will provide additional information as it becomes available.
February 5, 2015
To Our Members:
Safeguarding your personal, financial and medical information is one of our top
priorities, and because of that, we have state-of-the-art information security
systems to protect your data. However, despite our efforts, Anthem Blue Cross
Blue Shield was the target of a very sophisticated external cyber attack. These
attackers gained unauthorized access to Anthem’s IT system and have obtained
personal information from our current and former members such as their names,
birthdays, medical IDs/social security numbers, street addresses, email
addresses and employment information, including income data. Based on what we
know now, there is no evidence that credit card or medical information (such as
claims, test results or diagnostic codes) were targeted or compromised.
Once the attack was discovered, Anthem immediately made every effort to close
the security vulnerability, contacted the FBI and began fully cooperating with
their investigation. Anthem has also retained Mandiant, one of the world’s
leading cybersecurity firms, to evaluate our systems and identify solutions
based on the evolving landscape.
Anthem’s own associates’ personal information – including my own – was accessed
during this security breach. We join you in your concern and frustration, and I
assure you that we are working around the clock to do everything we can to
further secure your data.
Anthem will individually notify current and former members whose
information has been accessed. We will provide credit monitoring and identity
protection services free of charge so that those who have been affected can
have peace of mind. We have created a dedicated website - AnthemFacts.com - where members can access information such as frequent questions and
answers. As we learn more, we will continually update this website and share
that information with you. We have also established a dedicated toll-free
number that both current and former members can call if they have questions
related to this incident. That number is: 1-877-263-7995.
I want to personally apologize to each of you for what has happened, as I know
you expect us to protect your information. We will continue to do everything in
our power to make our systems and security processes better and more secure,
and hope that we can earn back your trust and confidence in Anthem.
Sincerely,
Joseph Swedish
President and CEO
Anthem, Inc.
|