Thursday, February 05, 2015

Major hack on a health insurance Anthem ("Blue") company


The Anthem Blue Cross plan (hq-ed in San Francisco) has endured a large data hack, according to USA Today, link .  Over 80 million records across the company were compromised, and the source appears to be China.  The breach did not involve credit card information, but a great deal of personal information.

The Wall Street Journal has a detailed story by Anna Wilde Mathews and Danny Yadron, link here.
My own work history had two employment episodes associated with the BCBS system.  One was a consortium of up to seven Plans, but the turf-oriented Blues have always had trouble working together so this hack is no surprise to me.  
   
I think this is the first major hack on a health insurance company, certainly a Blue Plan.

The hacks on major retailers and brokerages so far don’t seem to have directly resulted in a lot of identity theft. 

The biggest threats seem to be fictitious persons made out of children or of others (including the elderly) not needing credit or using it for a long time.  The danger could increase with the opportunity for medical identity theft. The best way to meet the threat seems to be to contact Experian, Equifax and TransUnion and put on credit freezes, which only you can unlock when actually needing credit.
     
But NBC News has a story explaining how credit monitoring may not stop medical identity theft, which can lead to incorrect patient records and create life-threatening mistakes later with real patients (especially in emergencies, where the careful address verification that I propose on other pages here cannot be done in time). So this gets closer to a real national security problem if coming from a foreign source,  The New York Times (Friday, Feb. 6, p. B4) has a story by Tara Siegel-Bernard on the steps of self-protection here (link), regarding existing accounts, new accounts and social security numbers. 

No comments: