Skip to main content

Anthem Blue Cross Security Breach (Individual Health)

Anyone who has recently applied for individual health insurance with Anthem Blue Cross and been assigned an online application tracker link needs to be aware of the following unauthorized security breach. Affected applicants will receive notification with details and one year of free identity protection services. No agent has been or likely will be notified of specific applicants (if any) who were affected.

PHI Breach by Individual Applicant, Attorneys

Anthem Blue Cross recently learned of a situation in which a small number of individuals manipulated the web address within the website we use to allow people to track the status of their Individual insurance applications. Through this manipulation, some of these individuals gained unauthorized access to certain private information.

The vast majority of the manipulation and the resulting unauthorized access occurred at the hands of certain attorneys, who were representing an applicant. We believe that this manipulation was conducted to support a class action lawsuit against Anthem Blue Cross or its parent company - over the very breach they were committing.

The ability to manipulate the web address (URL) was available for a relatively short period of time following an upgrade to the system. After the upgrade was completed, a third party vendor validated that all security measures were in place, when in fact they were not. As soon as the situation was discovered, we made the necessary security changes to prevent it from happening again.

Anthem has worked since discovery of this matter to analyze the data in an effort to identify all individuals whose information may have been impacted and prepared to communicate directly to affected members and applicants as soon as possible.

We have received no indication that any information has been used in a way that is detrimental to the applicant; however, out of an abundance of caution, all appropriate applicants will receive a detailed notification from Anthem explaining what happened, and will be offered identity protection services for one year at no cost.

Note: This does not impact Group, Senior or State-Sponsored Business.

Comments

  1. Ok so I received a letter from Anthem and am somewhat pissed off. Should one year of free monitoring put my mind at ease? No. What happens five years from now when this list resurfaces? What sort of recourse do I have then?

    ReplyDelete
  2. I also received the letter authorizing my Minor Child to have Identity Theft protection. What about us, the parents, whose SSN and other ID information is associated with her records? Why are WE not covered by the Identity Theft protection??!

    ReplyDelete
  3. Anonymous--

    David,
    Sorry it took so long to respond – I wanted to make sure I had the correct answer for you. I just found out we will be sending a separate letter to those who submitted an application for a minor. This explain will clarify that they will have the opportunity to sign up for free credit monitoring if their information was on the application.

    Here is how our customer service reps will respond to this question.

    Q. If a parent or legal guardian applied for individual insurance for a dependent/minor, and their personal information was accessed, will they be also be eligible for credit monitoring?

    A. Yes. We will communicate by letter to parents or legal guardians who applied for individual insurance for a minor, if their information could have been accessed.


    So it is in process to provide protection to any parents/guarians whose information may have been compromised on the minor's application.

    Dave

    ReplyDelete
  4. As a recipient of the letter from Anthem, I am extremely angry that this kind of breach was allowed to occur. One year of identity protection is not enough to make up for all the hassle of protecting the excellent credit I have spent years creating.
    As a self-employed individual, who pays for my time to correct their mistake?
    I certainly hope the CEO will be taking the money out of his own exhorbitant salary and not put it on the backs of people already paying too high premiums.
    Last thing I want to know...how do I sign up for the class action lawsuit?

    ReplyDelete
  5. Here is my question, The application was placed under my name, but the letter was sent to my spouse. Only one activation code was given. Will we also receive another letter like the parent's of the minor child?

    I also want to know if we can jump on the band wagon of filing suite for breach of confidentiality?

    I also want to know what we can do to push for protection for the rest of our lives? This information could resurface at any time. I think the one year protection is like BP trying to cap the oil spill in a "resonable" amount of time. There is a difference between prevention and treatment. I feel we are being victimized twice and yes it also pisses me off!

    ReplyDelete
  6. So let's get this straight. Insurance companies expect us to pay constant rate hikes, deny care, and we're suppose to be O so forgiving of a MASSIVE BREACH of our personal information?

    I had my social security number stolen once in the past but some illegal immigrant. Once was enough.

    What I want to know, with upwards of 800,000 people being a victim, where's the lawyer to pick up a class action suit here? I don't care to alleviate my rights for "one year of credit monitoring".

    A criminal who might have my information can do YEARS OF DAMAGE. I learned that above when some illegal stole my credit card number somehow (and I'm very careful to shred EVERYTHING).

    All I have to say is I hope some ambulance chaser takes on the case against Anthem. My information and that of 100s of thousands of others may be floating out there for someone to utilize.

    Piece of mind...

    ReplyDelete
  7. Great job Anthem! Our info was put to use by ID thieves out of Oakland and has caused nothing but chaos with our accounts.

    1 year of theft protection? Are you kidding? This needs to be a flat out class action lawsuit.

    ReplyDelete
  8. I have not heard anything specific regarding a lawsuit about this identity theft. If I do, I will post a blog on it so that those affected can contact the appropriate parties.

    My sympathies to anyone who has been adversely affected by this security breach.

    ReplyDelete

Post a Comment

Popular posts from this blog

Anthem Blue Cross (CA) Adding SilverSneakers® Fitness Program

Anthem Blue Cross (CA) announced this morning that they will be adding the SilverSneakers Fitness Program to California Medicare Supplement Plans A, F, and N.  The added benefit will begin on January 1st, 2017. 

Once approved for release into the market, more states have been added to the list as existing and new members in our marketed plans will enjoy the value-added benefits of the SilverSneakers Fitness program at no additional cost! Effective January 1, 2017, California members in our marketed plans will enjoy SilverSneakers, too.  The program offers members their choice of paths to better health. For those who enjoy a traditional workout setting, SilverSneakers offers access to more than 13,000 fitness locations across the country, including use of classes and guidance from a Program AdvisorTM. In addition, for those who can’t get to a fitness center, SilverSneakers Steps® kits focus on at-home or on-the-go general fitness, walking, strength training or yoga. And if that is not …

How Will Donald TRUMP ObamaCare?

With the election of Donald Trump as the next US President, healthcare reform and ObamaCare are on the chopping block.  There is media speculation that a transformation away from the current ObamaCare system will be rather immediate once Donald Trump is sworn into office in January.  


While changes are certainly coming, I would not expect a wholesale changeover immediately, but rather over the course of 2017.  My hope is to see an open market available at any time during the year (like it used to be) instead of an abbreviated Open Enrollment Period.  

Below are some key points to a Donald Trump-Care system and a link to his Healthcare Reform Paper which goes into more detail...



 1. Completely repeal Obamacare. 2. Modify existing law that inhibits the sale of health insurance across state lines. 3. Allow individuals to fully deduct health insurance premium payments 4. Allow individuals to use Health Savings Accounts (HSAs). 5. Require price transparency from all healthcare providers.6. Bl…

2016 Open Enrollment Has Begun

Here to kickoff the 2016 open enrollment period which will run from November 1, 2015 to January 31, 2016.  

It is important to remember that during the open enrollment period all rules regarding SEP (special election period) enrollment dates for loss of employer coverage are off of the tablle. Than means no retroactive start dates on the Covered California health exchange.

Remember during open enrollment you may sign up for any available health insurance plan either off- or on-exchange with no medical underwriting.

My site features live free instant quotes and online applications for off-exchange subscribers.

For Covered California exchange subscribers, I can take your information over the phone and set up your account on Covered CA for you.  You would need to log in with a special code I would provide upon submission of the application and select your plan/pay the initial premium via Covered CA.  

Carrier for 2016 include:

*Anthem Blue Cross PPO, Tiered PPO and HMO
*Blue Shield of Californi…