Anthem Just Got Hacked. This Is What You Need to Do to Protect Your Identity.
The second largest health insurer in the United States, Anthem Inc., has disclosed that it has been the latest victim of a massive hack. Social Security numbers, birthdays, addresses and more was retrieved from databases that stored information for tens of millions of Americans.
Anthem didn’t specify how many consumer records may have been breached, but it did say that all of the company’s business units were affected.
By looking at the figures from Anthem’s website, however, we can estimate how big this breach could be: “With nearly 69 million people served by its affiliated companies including more than 37 million enrolled in its family of health plans, Anthem is one of the nation’s leading health benefits companies.”
The company said it is conducting an extensive IT forensic investigation alongside the FBI to determine what members are impacted.
“We are working around the clock to determine how many people have been impacted and will notify all Anthem members who are impacted through a written communication,” the company stated in a question and answer page regarding the breach.
While there is currently no evidence that financial or medical information was compromised, the information that was breached is enough to commit identity theft or bypass questions to lock you out of existing accounts. And the risk isn’t short term, an attacker could sit on this information for years before deciding to use it.
The following steps, however, can be taken to protect yourself.
1. Monitor all existing accounts.
Keep an eye out for someone using this stolen information to trick a call center into letting them take over or transfer money out of existing accounts (they can bypass security questions with the last four digits of your SS number or street address). Watch for any unauthorized activity or transfers on your current financial accounts, including 401k or brokerage accounts.
2. Sign up for credit alerts and identity theft protection.
Anthem has pledged to offer free credit monitoring and identity protection services to all affected customers. These services will keep an eye on your reports for known indicators of identity theft and send you alerts, look for changes of address and alert you when someone else tries to use your identity.
But you shouldn’t wait for Anthem to complete its investigation as it could be some time until individuals are informed (especially since members will be notified via mail). It’s better to take action now and sign up for a service on your own to thwart any immediate attempts.
3. Sign up for fraud alerts.
A fraud alert cautions lenders and others to take special care to ensure your identity before issuing new credit. Contact each of the three major credit bureaus – Experian, Transunion and Equifax – and ask that a fraud alert be placed on your file. That will stay on your report for 90 days.
A more extreme measure is a credit freeze, which will stop any kind of credit being extended at all. This means that besides stopping criminals, however, that you won’t be able to issue a credit card, including in-store ones, or get a loan without notifying the three bureaus first.
4. File your taxes early.
It only takes two pieces of information for a hacker to steal your tax refund by filing your taxes early and claiming it for themselves (the data in the breach contained both). So file as early as possible to avoid any problems.
5. Stay vigilant.
Lastly, but probably the most important tip, is to stay vigilant. Your Social Security number is not going to change. One tip to avoid fallout from criminals using the stolen personal information is to never use personally identifiable information as answers to your "secret questions" on your online accounts, said Dwayne Melancon, CTO of Tripwire, a security software company.
"Make up your own questions and answers, or use answers that are fictitious but memorable to you to prevent criminals from guessing their way into your online accounts," said Melancon.
The issue at hand here isn’t so much the trouble of issuing new health insurance cards, its identity theft. Which is a much more complex and serious issue to be mindful of.