Skip to main content

Anthem Blue Cross Security Breach (Individual Health)

Anyone who has recently applied for individual health insurance with Anthem Blue Cross and been assigned an online application tracker link needs to be aware of the following unauthorized security breach. Affected applicants will receive notification with details and one year of free identity protection services. No agent has been or likely will be notified of specific applicants (if any) who were affected.

PHI Breach by Individual Applicant, Attorneys

Anthem Blue Cross recently learned of a situation in which a small number of individuals manipulated the web address within the website we use to allow people to track the status of their Individual insurance applications. Through this manipulation, some of these individuals gained unauthorized access to certain private information.

The vast majority of the manipulation and the resulting unauthorized access occurred at the hands of certain attorneys, who were representing an applicant. We believe that this manipulation was conducted to support a class action lawsuit against Anthem Blue Cross or its parent company - over the very breach they were committing.

The ability to manipulate the web address (URL) was available for a relatively short period of time following an upgrade to the system. After the upgrade was completed, a third party vendor validated that all security measures were in place, when in fact they were not. As soon as the situation was discovered, we made the necessary security changes to prevent it from happening again.

Anthem has worked since discovery of this matter to analyze the data in an effort to identify all individuals whose information may have been impacted and prepared to communicate directly to affected members and applicants as soon as possible.

We have received no indication that any information has been used in a way that is detrimental to the applicant; however, out of an abundance of caution, all appropriate applicants will receive a detailed notification from Anthem explaining what happened, and will be offered identity protection services for one year at no cost.

Note: This does not impact Group, Senior or State-Sponsored Business.


  1. Ok so I received a letter from Anthem and am somewhat pissed off. Should one year of free monitoring put my mind at ease? No. What happens five years from now when this list resurfaces? What sort of recourse do I have then?

  2. I also received the letter authorizing my Minor Child to have Identity Theft protection. What about us, the parents, whose SSN and other ID information is associated with her records? Why are WE not covered by the Identity Theft protection??!

  3. Anonymous--

    Sorry it took so long to respond – I wanted to make sure I had the correct answer for you. I just found out we will be sending a separate letter to those who submitted an application for a minor. This explain will clarify that they will have the opportunity to sign up for free credit monitoring if their information was on the application.

    Here is how our customer service reps will respond to this question.

    Q. If a parent or legal guardian applied for individual insurance for a dependent/minor, and their personal information was accessed, will they be also be eligible for credit monitoring?

    A. Yes. We will communicate by letter to parents or legal guardians who applied for individual insurance for a minor, if their information could have been accessed.

    So it is in process to provide protection to any parents/guarians whose information may have been compromised on the minor's application.


  4. As a recipient of the letter from Anthem, I am extremely angry that this kind of breach was allowed to occur. One year of identity protection is not enough to make up for all the hassle of protecting the excellent credit I have spent years creating.
    As a self-employed individual, who pays for my time to correct their mistake?
    I certainly hope the CEO will be taking the money out of his own exhorbitant salary and not put it on the backs of people already paying too high premiums.
    Last thing I want to do I sign up for the class action lawsuit?

  5. Here is my question, The application was placed under my name, but the letter was sent to my spouse. Only one activation code was given. Will we also receive another letter like the parent's of the minor child?

    I also want to know if we can jump on the band wagon of filing suite for breach of confidentiality?

    I also want to know what we can do to push for protection for the rest of our lives? This information could resurface at any time. I think the one year protection is like BP trying to cap the oil spill in a "resonable" amount of time. There is a difference between prevention and treatment. I feel we are being victimized twice and yes it also pisses me off!

  6. So let's get this straight. Insurance companies expect us to pay constant rate hikes, deny care, and we're suppose to be O so forgiving of a MASSIVE BREACH of our personal information?

    I had my social security number stolen once in the past but some illegal immigrant. Once was enough.

    What I want to know, with upwards of 800,000 people being a victim, where's the lawyer to pick up a class action suit here? I don't care to alleviate my rights for "one year of credit monitoring".

    A criminal who might have my information can do YEARS OF DAMAGE. I learned that above when some illegal stole my credit card number somehow (and I'm very careful to shred EVERYTHING).

    All I have to say is I hope some ambulance chaser takes on the case against Anthem. My information and that of 100s of thousands of others may be floating out there for someone to utilize.

    Piece of mind...

  7. Great job Anthem! Our info was put to use by ID thieves out of Oakland and has caused nothing but chaos with our accounts.

    1 year of theft protection? Are you kidding? This needs to be a flat out class action lawsuit.

  8. I have not heard anything specific regarding a lawsuit about this identity theft. If I do, I will post a blog on it so that those affected can contact the appropriate parties.

    My sympathies to anyone who has been adversely affected by this security breach.


Post a Comment

Popular posts from this blog

Anthem Blue Cross (CA) Adding SilverSneakers® Fitness Program

Anthem Blue Cross (CA) announced this morning that they will be adding the SilverSneakers Fitness Program to California Medicare Supplement Plans A, F, and N.  The added benefit will begin on January 1st, 2017. 

Once approved for release into the market, more states have been added to the list as existing and new members in our marketed plans will enjoy the value-added benefits of the SilverSneakers Fitness program at no additional cost! Effective January 1, 2017, California members in our marketed plans will enjoy SilverSneakers, too.  The program offers members their choice of paths to better health. For those who enjoy a traditional workout setting, SilverSneakers offers access to more than 13,000 fitness locations across the country, including use of classes and guidance from a Program AdvisorTM. In addition, for those who can’t get to a fitness center, SilverSneakers Steps® kits focus on at-home or on-the-go general fitness, walking, strength training or yoga. And if that is not …

Anthem Blue Cross Announces Innovative F Medicare Supplement Plan for CA

Anthem Blue Cross (CA) has announced that they are releasing a new Medicare Supplement (Medigap) Plan for California residents.  The plan will be available beginning January 1st, 2018.

'Innovative F' will offer benefits not covered by a Medicare Supplement base plan.  These will include a hearing benefit (exam, fitting and allowance) and a vision benefit (exam, lens co-pay and allowances for frames and contact lenses).

Anthem states that the Innovative F will have a very competitive premium rate.  Innovative F will include the Silver Sneakers fitness program and will be eligible for the Plan F 'new to Medicare' $20 per month first year discount.


What Multi State Plan (MSP) Really Means (Covered CA)

Lots of confusion on this term and many people think it involves coverage across state lines.  It does not.

This explanation from Anthem Blue Cross is the best one I have seen:

The U.S. Office of Personnel Management (OPM) Multi-State Plan Program (MSPP) was recently established under the Affordable Care Act. It directs the OPM to contract with health insurance carriers to offer at least two plans (one at the silver level and one at the gold level) in each local exchange. The MSPP is intended to promote competition in the Marketplace and help ensure consumers have more high-quality, affordable health insurance options. All MSPP plans will include “a Multi-State Plan” at the end of their name when listed on the exchange - this designates it as an OPM-sponsored plans.  It does NOT mean that consumers selecting the plan will have health plan coverage in multiple states.Select silver and gold level Individual plans that our company currently offers have been designated as OPM-sponsored MSPP…