Personal and private information about brokers who sell Anthem insurance was not compromised as part of a sophisticated cyber-attack on the carrier’s information technology system revealed late Wednesday, a company spokesperson says.

While broker information was not accessed, the spokesperson confirmed hackers have stolen personal information from current and former members, including their names, birthdays, medical ID numbers, social security numbers, street addresses, email addresses and employment information, including income data.

See also: SEC warns about high threat of cyber attacks

Anthem is working closely with brokers to help them assist concerned members and clients, the spokesperson added. Early this morning, the carrier e-mailed a letter to all of its affiliated brokers and a link to a tool kit for brokers, including an FAQ for members and a template e-mail that can be used by brokers to send a bulletin to clients informing them about the breach and where to get more information about it.

Anthem has created a dedicated website, AnthemFacts.com, where members can access information such as frequent questions and answers. As the company learns more about the breach, the website will continue to be updated, the spokesperson says.

The insurer says it’s going to take about 10 to 14 days to figure out who was affected by the data breach and begin notifying those people.

Henry Roberson, of Roberson Insurance Agency in Virginia Beach, says he had notification from Anthem before 5 a.m. this morning about the breach, including a link to the tool kit.

Calling Anthem “a very good partner to the brokerage community,” Cindy Jones, vice president of operations and marketing for Los Angeles-based Dickerson Employee Benefits, says, “[W]e have no reason to expect that everything won’t be handled just as it should be. They’ve already proven that by releasing the corrective action very early this morning. They’ve been very proactive.”

Jones says Dickerson is using the Anthem member bulletin to assure brokers that corrective action has been taken with regard to the member breaches.

Once the attack was discovered, Anthem says it immediately “made every effort to close the security vulnerability, contacted the FBI and began fully cooperating with their investigation.”

Anthem has also retained cybersecurity firm Mandiant to evaluate its systems and identify solutions, according to the member notice, issued by Joseph Swedish, Anthem’s president and CEO.

The carrier will provide credit monitoring and identity protection services free of charge to affected members.

There is no evidence that credit card or medical information, such as claims, test results or diagnostic codes were targeted or compromised, the insurance carrier says. 

No panic

Considering the recent high-profile cyber-attacks on Sony and Target, Jones says such breaches are unfortunately becoming commonplace and so far members are taking the information about the attack “in stride.”

“Every time you turn around a major company is getting hacked. I don’t think anybody is concerned about it,” adds Roberson of Virginia Beach. “I don’t see any damage being done. I mean if there is, there is. What are you going to do about it? There’s nothing I can do about it. I’m fighting Obamacare. I don’t see why anybody should be more alarmed [in this instance] than with any of the other major companies that got hacked. If there are issues, the company should probably handle them.”

“We’ve gotten very clear communication and direction from Anthem, so no one is panicking at this time,” adds Dickerson’s Jones.

Register or login for access to this item and much more

All Employee Benefit Adviser content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access