How Anthem cyber-attack could impact Premera members

how-anthem-cyberattack-could-impact-premera-members Friday, February 6, 2015

Safeguarding our members' personal, financial and medical information is one of our top priorities. Anthem Inc., a separate company from Premera that is also an independent licensee of the Blue Cross Blue Shield Association, recently suffered a cyber-attack which has been widely reported in the media. We are working with Anthem and the Blue Cross Blue Shield Association to understand how this incident may affect our members. We'll update our blog as we receive more information.

Does this affect Premera members?

If you have received medical services in a state where Anthem operates, either because you live in one of those states or because you received medical care while traveling, your data may be affected. Those states are:

  • Colorado
  • Nevada
  • Connecticut
  • Georgia
  • Indiana
  • Kentucky
  • Maine
  • Missouri
  • New Hampshire
  • Ohio
  • Virginia
  • Wisconsin
  • California
  • New York

Why would Anthem have my data?

Premera is part of the national network of the Blue Cross and Blue Shield Association. Being part of that network allows our members to access care across the country. If you receive care outside of Premera's home states of Washington and Alaska, the local Blue plan for that state may be involved in processing your claim. If you receive healthcare services in one of the states listed above, your healthcare provider may share your information with Anthem to allow them to process your claim.

How will I know if I've been affected?
Premera has received data from Anthem, which is currently being processed, and we'll notify affected members as soon as possible. There may be a small number of members whose Social Security numbers may have been included in the hacked data and we plan to reach out personally to them. Social Security numbers are not generally included in member records so we expect a very small number of members to have been affected. If your information has been affected you will be notified in the next few weeks and you'll be offered free identity protection and credit monitoring services.  

What kind of information may have been accessed as part of this attack?

The information that was accessed may include members' names, addresses, social security numbers, email addresses, employer information and telephone numbers. However, not all of this information would have been stored in Anthem's systems for every member. Currently we believe that no credit card information or medical information was accessed.

What is Premera doing to keep my data safe?

Premera has a dedicated IT security team who is constantly working to safeguard our members' data and we continue to examine our systems and security measures to safeguard against these risks.

Protecting your personal information

If your data was accessed during this attack you'll be receiving a letter to offer free identify protection and credit monitoring services. But there are also steps that you can take to safeguard your data.

  • Keep an eye on your Explanation of Benefits (EOB) statements. If you see suspicious claims, contact Premera immediately, using the number on the back of your ID card.
  • Log in to Premera.com and register for electronic EOBs. This will allow you to view and monitor your EOBs online.
  • Be wary of emails you receive that claim to be related to this incident. You will notified by written letter if you have been affected. Scam or phishing emails may try to use this incident to obtain your personal data.
  • Place a fraud alert on your credit report. This alert lasts 90 days and will make it more difficult for a fraudster to open accounts in your name. Here's information on how to place a fraud alert.
  • Make sure your online information is secure with strong passwords. Although no password information was accessed in this attack, having access to your personal data can make it easier for hackers to gain access to your online accounts. Here's more information on how to create a strong password.

Watch out for Anthem breach-related scam emails

You may receive scam emails designed to capture personal information (known as "phishing") which suggest they are offering free credit monitoring. These emails are NOT from Anthem. If you receive such an email you should follow these steps to safeguard your personal information:

  • DO NOT click on any links in the email.
  • DO NOT reply to the email or reach out to the senders in any way.
  • DO NOT supply any information on the website that may open if you click on a link in the email.
  • DO NOT open any attachments that arrive with the email.

Remember: Neither Premera or Anthem will ever contact you and ask for credit card information or social security numbers either over the phone or by email. You should always be wary when asked to share your personal data with an organization who contacts you. If you have been affected by this attack, you'll be notified via U.S. postal service with information about how to enroll in free credit monitoring and ID protection services.

Credit Monitoring and Identity Repair Services for Affected Members
Members who are concerned that their data may have been accessed during this attack will be able to sign up for two years of free credit monitoring and identity repair services. As of February 13, 2015, members can access these services at www.anthemfacts.com. Any concerned member of a Blue Cross Blue Shield plan, including Premera members, will be able to access these services and do not need to wait for notification that they were affected. In addition, once we have been able to identify exactly which members have been affected, those members will receive a letter from Premera with more information. It's important to remember that most Premera members will not have been affected by this attack. You may have been affected if you received services in the states listed above.  

The free identity protection services provided for members two years of:

  • Identity Repair Assistance: Should a member experience fraud, an investigator will do the work to recover financial losses, restore the member's credit, and ensure the member's identity is returned to its proper condition. This assistance will cover any fraud that has occurred since the incident first began.
  • Credit Monitoring: At no cost, members may also enroll in additional protections, including credit monitoring. Credit monitoring alerts consumers when banks and creditors use their identity to open new credit accounts.
  • Child Identity Protection: Child-specific identity protection services will also be offered to any members with children insured through their Premera plan.
  • Identity theft insurance: For individuals who enroll, the company has arranged for $1,000,000 in identity theft insurance, where allowed by law.
  • Identity theft monitoring/fraud detection: For members who enroll, data such as credit card numbers, social security numbers and emails will be scanned against aggregated data sources maintained by top security researchers that contain stolen and compromised individual data, in order to look for any indication that the members' data has been compromised.
  • Phone Alerts: Individuals who register for this service and provide their contact information will receive an alert when there is a notification from a credit bureau, or when it appears from identity theft monitoring activities that the individual's identity may be compromised.

 

Popular Articles

Protect Yourself Against COVID-19 and the Flu This Fall

Care Available in This Period of Prolonged Stress

how much do small business health plans cost?

How much does small business health insurance cost in Washington state?