On Feb. 5, 2015, Anthem Blue Cross and Blue Shield announced that it was the target of an external cyber attack. The attackers gained unauthorized access to Anthem’s IT system and obtained personal information from its current and former members, including their names, birthdays, medical IDs and employment information. Some social security numbers were also involved.We take the privacy and security of our members’ information very seriously. In light of the close business relationships we have with fellow Blue plans, we are working very hard with Anthem to obtain further information about data that was breached.BCBSM has been in discussions with Anthem about communications and member protections. Any impacted BCBSM member will receive a letter and offer of free credit monitoring.BCBSM members who live in — or have recently traveled to one of the 14 states where Anthem is a Blue Cross and Blue Shield licensee — could potentially be affected by the Anthem database breach.The following information can help you respond to inquiries from BCBSM and Blue Care Network members:
Anthem and BCBSM are two separate companies. Anthem’s system was breached — and we are still investigating.
When we learned of the incident, we immediately convened our own critical incident response team to work with our Privacy and Security officials and IT leadership to investigate and respond on behalf of our members. We are working together with Anthem to understand possible impacts to our customers and members. We’ll communicate the facts as they become available to us and take appropriate actions.
We have updated bcbsm.com and our corporate blog at mibluesperspectives.com with facts as they have become known. Check these sites for updates.
Anthem is currently conducting an extensive IT forensic investigation to determine what members are impacted. BCBSM members who live in one of the 14 states in which Anthem operates — or have received health care services in these states —could have been in the Anthem database. They will be contacted by letter if they are impacted and offered credit protection.
The following is a list of states where Anthem is a Blue Cross and Blue Shield licensee:
- New Hampshire
- New York
Those who may have been impacted by the cyber attack against Anthem should be cautious of scam email campaigns. These scams, designed to capture personal information (known as “phishing”), would be designed to appear as if they are from Anthem and the emails would include a “click here” link for credit monitoring. These emails are not from Anthem. To protect yourself, please:
- Do not click on any links in email.
- Do not reply to the email or reach out to the senders in any way.
- Do not supply any information on the website that may open, if you have clicked on a link in email.
- Do not open any attachments that arrive with email.
This type of outreach is from scam artists who are trying to trick consumers into sharing personal data. There is no indication that the scam email campaigns are being conducted by those that committed the cyber attack, or that the information accessed in the attack is being used by the scammers.
Official communications will be sent to affected members via mail delivered by the U.S. Postal Service only. For more guidance on recognizing scam email, please visit the Federal Trade Commission website.Go to main navigation