Anthem issues update on client data breach

February 11, 2015

PrintAnthem President and CEO Joseph R. Swedish has issued the following statement regarding the data breach of the company’s information systems last week:

Last week, we made you aware that Anthem was the target of a very sophisticated external, cyber-attack. Since that time, we have been working around the clock continuing our assistance in the FBI investigation; analyzing the data to understand the impact to our members; responding to questions from our clients, members and partners; and securing a best-in-class vendor to provide identity protection services to our members as quickly as possible.

To that end, we understand that you and your employees – our members – are eager to receive more information about how to enroll in the credit protections we are providing. Starting this Friday, Feb. 13, current and former Anthem members whose information was included in the database that was compromised, can visit AnthemFacts.com to learn how to enroll in two years of free credit monitoring and identity theft repair services provided by our vendor – a leading and trusted identity protection provider. Members can access these services starting Friday, Feb. 13, prior to receiving a mailed notification from Anthem, which will be sent in the coming weeks.

The free identity protection services provided by Anthem include two years of:

  • Identity Repair Assistance: Should a member experience fraud, an investigator will do the work to recover financial losses, restore the member’s credit, and ensure the member’s identity is returned to its proper condition. This assistance will cover any fraud that has occurred since the incident first began.
  • Credit Monitoring: At no cost, members may also enroll in additional protections, including credit monitoring. Credit monitoring alerts consumers when banks and creditors use their identity to open new credit accounts.
  • Child Identity Protection: Child-specific identity protection services will also be offered to any members with children insured through their Anthem plan.
  • Identity theft insurance: For individuals who enroll, the company has arranged for $1,000,000 in identity theft insurance, where allowed by law.
  • Identity theft monitoring/fraud detection: For members who enroll, data such as credit card numbers, Social Security numbers and emails will be scanned against aggregated data sources maintained by top security researchers that contain stolen and compromised individual data, in order to look for any indication that the members’ data has been compromised.
  • Phone Alerts: Individuals who register for this service and provide their contact information will receive an alert when there is a notification from a credit bureau, or when it appears from identity theft monitoring activities that the individual’s identity may be compromised.

Industry standards under similar circumstances are to provide credit monitoring services for one year; however, we are exceeding these standards and providing these identity protection and credit monitoring services to all impacted members for two years, in response to your concerns. This has been our priority from day one, to be transparent, protect your data and to give our members peace of mind.

We have been working to arrange for these credit monitoring and identity theft protection services since the attack on our systems was discovered. Doing so has required enormous efforts and commitment of resources to ensure that our vendor can accommodate what we anticipate will be very high demand for these services. It was essential that we work with the vendor to develop the infrastructure to handle a high volume of calls and web traffic, and to train representatives to accurately answer questions from our members. Our goal is to provide peace of mind, while minimizing frustration for our members. We are able to provide these services 11 business days after discovery of the attack.

We will distribute press releases in our markets on Friday announcing the identity protection services are available. We will also send letters in the mail to our members in the coming weeks with information on how to sign up for services. We will share a copy of these communications with you before they are distributed.

We will continue to provide updates as we learn more about the attack, and we are here to answer your questions to the best of our ability.