Skip to content

AEP learns of cyber attack on health benefits provider Anthem

by on February 6, 2015

AEP wants to let retirees know that the company has become aware that Anthem, Inc., the parent company of one of its health insurance providers, is the victim of a highly-sophisticated cyber attack. Anthem has informed AEP that Anthem member data was accessed, and that breached data could include that of AEP participants, including retirees.

Please note that this data breach is specific to current and former participants of  Anthem benefit plans; retirees who have always been Aetna plan participants are not affected.

“We are working closely with Anthem to better understand the impact on its members,” said Brian Healy, managing director – Total Rewards for AEP. Here is what we do know, he said:

  • Once Anthem determined it was the victim of a sophisticated cyber attack, it immediately notified federal law enforcement officials and shared the indicators of compromise with the HITRUST C3 (Cyber Threat Intelligence and Incident Coordination Center).
  • Anthem’s Information Security has worked to eliminate any further vulnerability and continues to secure all of its data.
  • Anthem immediately began a forensic IT investigation to determine the number of impacted consumers and to identify the type of information accessed. The investigation is still taking place.
  • The information accessed includes member names, member health ID numbers/Social Security numbers, dates of birth, addresses, telephone numbers, email addresses and employment information, including income data. Social Security numbers were included in only a subset of the universe of consumers that were impacted.
  • Anthem is still working to determine which members’ Social Security numbers were accessed.
  • Anthem’s investigation to date shows that no credit card or confidential health information was accessed.
  • Anthem has advised us there is no indication at this time that any of our clients’ personal information has been misused.
  • All impacted Anthem members will be enrolled in identity repair services. In addition, impacted members will be provided information on how to enroll in free credit monitoring.

“We are continuing to work closely with Anthem to better understand the cyber attack and the impact on our participants,” Healy said. “We will continue to keep you updated as information becomes available.”

Anthem has created a website – www.anthemfacts.com — and a hotline, 1-877-263-7995, for its members to call for more information. The website includes an updated Frequently Asked Questions webpage that further explains the cyber attack. Anthem has already begun the process of notifying members of this cyber attack and the data affected.

From → Benefits

Leave a Comment

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: