Update: Anthem Security Breach
Credit and Identity Protection Now Available

As we recently reported, Anthem who provides the Health Plan with access to their provider network, had a serious data breach affecting over 70 million people. While the full extent of the data breach is still unknown, including whether or not any Health Plan participant data was affected, Anthem has been quick to respond to the seriousness of the situation by immediately offering free credit monitoring and identity theft protection through AllClearID, a reputable consumer protection company.

Beginning Friday, February 13, current and former SAG-Producers Health Plan participants and dependents can click on https://anthem.allclearid.com/ to quickly enroll in free identity protection and credit monitoring services. You can also call (877) 263-7995 if you prefer to enroll by phone, but it may take longer than enrolling online.

The free identity protection services provided by Anthem include two years of:
Identity Repair Assistance
Credit Monitoring
Child Identity Protection
Identity theft insurance
Identity theft monitoring/fraud detection

For additional facts we encourage you to visit the website (www.AnthemFacts.com). We also continue to urge you to be proactive with regard to safeguarding personal data. As updates are made available by Anthem we will continue to keep you posted via our website.

 

Previous Updates

 

Alert: Anthem Phishing Scam

As many of you already know, Anthem, who provides the Health Plan with access to their provider network, experienced an extensive IT security breach this week. While credit card and medical information doesn't appear to have been stolen, personal information and identity details were compromised, such as: Names, Addresses, DOBs, and Social Security numbers.

While yesterday Anthem sent out letters to all of our participants informing them of the security breach, today we were also made aware of a scam in which someone created a fake email from Anthem regarding credit monitoring. All participants should be aware of scam email campaigns designed to capture personal information (known as "phishing"). Emails which include a "click here" link for credit monitoring are NOT from Anthem.

In the coming weeks Anthem will individually notify members whose information has been accessed and will provide credit monitoring and identity protection services free of charge. Anthem will contact current and former affected members via mail delivered by the U.S. Postal Service with specific information on how to enroll in credit monitoring. While we don't yet know the extent of the data breach related to our membership we encourage all participants to contact Anthem directly at: (877) 263-7995 or via the website (www.AnthemFacts.com) for additional FAQs.

We share in your concern and want to reassure our participants and their families that security continues to be a top priority for our team.  We urge everyone to always be proactive with regard to safeguarding personal information Again, as additional information unfolds about the Anthem breach we will continually update our website and communicate all new details with you.

Update: Anthem Security Breach

On February 4, the Plans discovered that Anthem, who provides the Health Plan with access to their provider network, experienced an IT security breach. An Anthem IT system was compromised and personal information from current and former customers and employees was stolen. We are currently not aware of how many Health Plan participants were affected. Participants can contact Anthem directly at: (877) 263-7995 or via the website (www.AnthemFacts.com) to access additional FAQs or to have any other questions answered.

As we learn more about the Anthem breach we will continually update our website and communicate all new information with you. Protecting your personal information is one of our top priorities, and our internal IT team is constantly working to secure your data as well as on updating our security processes.

We have been in direct contact with Anthem since the breach and were recently updated directly by them.

The latest details from Anthem are below:

  • Anthem, Inc. was the victim of a cyber-attack and is working with federal investigators to determine who is responsible and why Anthem, Inc. was targeted.
  • On January 27, Anthem discovered that one of its database warehouses was experiencing a suspicious data query. Anthem immediately stopped the unauthorized activity and launched an internal investigation, where we learned that the compromised database warehouse experienced a series of sporadic suspicious queries during the course of several weeks. Anthem took immediate action to secure its data and contacted federal investigators.
  • On January 29, 2015, Anthem determined that they were the victim of a sophisticated cyber-attack. Anthem immediately notified federal law enforcement officials and shared the indicators of compromise with the HITRUST C3 (Cyber Threat Intelligence and Incident Coordination Center.)
  • Anthem's investigation indicates that the attacker gained access to one of its database warehouses. Initial analysis indicates the attacker had access to information on a significant number of consumers. This includes Anthem's affiliated health plans' current and former members and some members of non-affiliated Blue Plans who received medical services in Anthem states.
  • Anthem's investigation to date shows the information accessed includes member names, member health identification (ID) numbers, dates of birth, Social Security numbers, addresses, telephone numbers, email addresses and employment information, including income data.
  • Social Security numbers were included in only a subset of the universe of consumers that were impacted. Anthem is still working to identify how many Social Security numbers were accessed.
  • Anthem's investigation to date shows no credit card information or confidential health information was compromised. However, we would like to emphasize that the Plans do not store participant credit card information nor do we exchange credit card information with Anthem, therefore the credit card component does not apply to our participants.
  • Since discovery of the issue, Anthem has been working to identify impacted members and groups.
  • Anthem is continuing to investigate the extent of the data breach, and is doing everything they can to ensure there is no further vulnerability to our database warehouses.
  • Anthem has contracted with Mandiant – a global company specializing in the investigation and resolution of cyber-attacks. Anthem will work with Mandiant to ensure there are no further vulnerabilities, identify potential gaps and strengthen security to all Anthem networks.