Anthem is offering identity repair assistance and credit monitoring services to current members and former members enrolled in 2004 or later in response to the recent data breach.

Affected members can access these services beginning Friday, Feb. 13, 2015 at 11 a.m. Pacific Time via AnthemFacts.com or AnthemInforma.com for Spanish-speaking members.

Members may receive an email regarding these services from Anthem beginning the week of Feb. 16.  They will also receive a letter from Anthem in the coming weeks, but do not need to wait for the letter to begin using the services.

As many of you have heard in the news, Anthem, Inc. disclosed on Feb. 5, 2015 that the health insurer was the target of a very sophisticated external cyber attack and that data for its 80 million members was accessed. This potentially includes information about UC students, faculty, staff and retirees, as well as their dependents.

In addition, on Feb. 6, Anthem notified UC of a phishing scam related to the cyber attack. The phishing scam, which uses Anthem’s logoPDF, includes an offer to sign up for a year of credit card protection. If you receive this or a similar email, do not respond to or click on any links.

Currently, Anthem is the network provider and claims administrator for UC SHIP, the university’s student health insurance plan, at UC San Francisco, Hastings College of the Law, UC Santa Cruz, UC Irvine (graduate students only), UC Merced, UCLA and UC San Diego. UC Irvine undergraduates and UC Davis students have vision insurance only through Anthem. Anthem provided services for UC SHIP at all campuses from August 2011 through July 2013.

From 2003 until Jan. 1, 2014, also Anthem provided health insurance to UC employees and retirees and their dependents. The UC Anthem plans included Anthem Blue Cross PPO, Anthem Blue Cross PLUS, Anthem Lumenos, Core, Core Medicare, Anthem Blue Cross Medicare PPO and High Option Supplement to Medicare.

According to Anthem, the information accessed through the attack includes member names, member health ID numbers/Social Security numbers (Anthem does not possess Social Security numbers for UC students), dates of birth, addresses, telephone numbers, email addresses, and employment information such as the UC campus or medical center location and the separation date.

Anthem has created a dedicated website where current and former Anthem members can find information. Members may also call 1-877-263-7995.

UC is in communications with Anthem to understand the effect of this data breach on current and former Anthem members.  Here is a summary of information Anthem has provided:
  • Anthem’s investigation to date shows that no confidential health information (e.g., no claims information, no diagnosis) was accessed.
  • Anthem has advised UC that there is no indication at this time that any employees’, retirees’ or students’ personal information has been misused.
  • Anthem will enroll members affected by the attack in identity repair services. In addition, impacted members will be provided information on how to enroll in free credit monitoring. Anthem will notify affected members only by mail sent through the U.S. Postal Service.*
  • Once the attack was discovered, Anthem immediately made every effort to close the security vulnerability, contacted the Federal Bureau of Investigation (FBI) and began fully cooperating with its investigation. Anthem has also retained Mandiant, one of the world’s leading cybersecurity firms, to provide incident response and security assessment services.
The most up-to-date information can be found at AnthemFacts.com or Anthem Informa.com.

--
*Note that this postal-mail-only sentence doesn't quite square with the earlier sentence above that talks about an email during the week of Feb. 16.  Yours truly suggests waiting for the postal notification and not responding to any email that purports to ask for information.