Anthem, Inc. Data Security Breach
On February 4, 2015, Anthem, Inc.—the second largest private insurer in the country—publically disclosed that its information security system had been breached and the personal details of over 60 million Anthem customers was compromised. We are representing individuals whose information was compromised in this data breach.
According to Anthem’s President and CEO Joseph R. Swedish, the information stolen from Anthem’s data systems includes names, birthdays, medical IDs, Social Security numbers, street addresses, email address, and employment and income information (“personal medical information”).
Although Anthem’s admission was not made public until February 4, 2015, Anthem’s databases were actually compromised on or about December 10, 2014. And, the theft of personal medical information went undiscovered until January 27, 2015. The impact of the breach was felt immediately: within days of Anthem’s announcement, “phishing” emails, crafted so they appear to be from Anthem, began reaching Anthem customers asking them to verify credit card information and personal health information through “click here” links in the emails. Katherine Keefe, global focus group leader for breach response services at Beazley, which underwrites cyber-liability policies, has said “The value to a criminal of having a full set of medical information on a person can go for $40 to $50 on the street. By contrast, a credit card number is often worth $4 or $5.
Anthem’s failures are compound. First, Anthem failed to take adequate and reasonable measures to ensure its data systems were protected and to prevent the data breach in the first instance. Second, Anthem failed to disclose to its customers the material facts that it did not have adequate computer systems and security practices to safeguard customers’ personal data. Third, Anthem waited approximately nine days before it informed its customers of the data breach and theft of their personal medical information.
Because of its inadequate security, Anthem negligently allowed the loss of data of over 60 million records. Anyone who has or has had Anthem Blue Cross and Blue Shield insurance after 2004 is potentially a victim of this theft.
Additionally, Anthem has recently disclosed that through the Blue Cross and Blue Shield Association’s BlueCard Network, the information of non-Anthem members who have other Blue Cross Blue Shield insurance was potentially compromised as well. Anthem as identified the following plans as having potentially been compromised in addition to all Anthem Blue Cross and Blue Shield members:
|Blue Cross and Blue Shield of Georgia||Arkansas BCBS|
|Empire Blue Cross and Blue Shield (New York)||BCBS of Alabama|
|Amerigroup||BCBS of Arizona|
|Caremore||BCBS of Hawaii|
|Unicare||BCBS of Kansas|
|Healthlink (Missouri)||BCBS of Kansas City|
|BCBS of Massachusetts||BCBS of Louisiana|
|BCBS of Michigan||BCBS of Minnesota|
|BCBS of Mississippi||BCBS of Nebraska|
|BCBS of North Carolina||BCBS of North Dakota|
|BCBS of Rhode Island||BCBS of South Carolina|
|BCBS of Tennessee||BCBS of Vermont|
|BCBS of Wyoming||Blue Cross of Idaho|
|Blue Shield of California||Capital Blue Cross|
|CareFirst BCBS||BCBS of Florida|
|GeoBlue||HealthNow New York|
|Highmark BCBS||Horizon BCBS|
|Hospital Service Assoc. of Northeastern PA||Independence Blue Cross|
|La Cruz Azul||Lifetime Healthcare, Inc.|
|Premera BCBS||Wellmark BCBS|
|BlueCross BlueShield of Illinois||BlueCross BlueShield of Texas|
|BlueCross BlueShield of Oklahoma|
|BlueCross BlueShield of Montana|
|BlueCross BlueShield of New Mexico|
|Regence BlueCross BlueShield (Or. & Utah)|
|Regence BlueShield (in Idaho and portions of Washington state)|
For more information or to speak with an attorney, please call our office at 855-984-8100 or email Ashlea Schwarz at firstname.lastname@example.org