back to article Glad you're not on the Anthem hacker hit list? Not so fast – millions more affected

US health insurer Anthem now says that the recent security breach that exposed the personal data of tens of millions of its customers also affected people who never did business with the firm. That's because Anthem's database included data not just for customers of Anthem-run Blue Cross Blue Shield healthcare plans, but also …

  1. phil dude


    I have BC in TN. Breached?


    1. psychonaut

      Re: tn?

      roger roger, charlie tango teakettle barbeque. see you next tuesday.

      1. phil dude

        Re: tn?

        Ah Yes, Here.

        El Reg, perhaps an article on how this happened before in 2009, and there were fines?

        The cynic in me sees that everytime this happens, they offer credit monitoring for a year or two. But no liability for the actual loss.

        This seems to cheap for $CORPS, they are not taking this seriously...


        1. Mark 85 Silver badge

          Re: tn?

          They don't have to take this seriously. Ideally you are right, they should have liability but it will take something heavier than a legislative slap on the wrist to do it. I think make the fine automatic and high but then there's the mom and pop shops that will suffer.

          We found out that because my wife went to California for some treatment, her account may have compromised even though we're members elsewhere. Seems that Anthem had to "pre-process" the claim before sending it on and there's no telling what and how much information they had on her.

          1. Robert Helpmann??

            Re: tn?

            Since the legislative/regulatory path is proving ineffective, what does that leave us? Legal action? That just means that the lawyers get rich and the damage really does not get undone or prevented. As this issue extends far beyond the health care industry, my guess is the best way to deal with it is through more far-reaching legal reform. Unless a bunch of pols have their identities stolen - then we will have immediate, misguided action which will cause unintended consequences for years to come.

            1. Compression Artifact

              Re: tn?

              Two things that may inspire improved customer database security:

              1. Jail time instead of fines.

              2. Shareholders eat the losses, followed by shareholder revolt, followed by new management.

              If all the losses, fines and payouts to class action lawsuits are regarded as "costs of doing business" and simply tacked onto next year's premiums, then no improvements can be expected.

  2. DNTP

    I don't use Anthem, thought I was safe

    Well fuck.

    If my BCBS customer associate is as helpful as usual, then they will refuse to tell me if I'm on the list (from the article, I logically would be) or offer any credit monitoring service.

    My company just did our annual HIPAA certification training, where it was iterated over and over how bad a Protected Health Information disclosure could be. Using BIG companies and their "fines" as precedent, though, makes it appear like HIPAA has all the teeth of the DARE program.

  3. Compression Artifact

    The morning after the breach, I mailed security freeze requests to the three credit reporting agencies; and I've gotten the confirmations back from them. The consensus of security experts seems to be that this is Step #1 and that once this is done, credit monitoring services provide very little additional protection (despite what the hyperventilating commercials say).

    The postage wasn't cheap--certified mail with return receipts times 3. I'm sending the bill to Anthem. We'll see what happens.

    1. DryBones

      What happens next is you discover you'll have to pay yet again to remove the freezes, either temporarily or permanently, I suppose.

  4. CJ_in_AZ

    Don't suppose that the Religious Wrong [they'd say "Right", but IMNSHO "Wrong" is more to truthful] will get a CLUE that the American health care system[SIC] is broken in so many ways...

    1. Dan Paul


      What does religious belief have to do with hacking Anthem health care? The article certainly does not make ANY mention of it. Why do you?

  5. Efros

    Insurance gits

    $16000 p.a. premium I get charged by these tossers and this is the service you get.

  6. Anonymous Coward

    2 years of credit reporting services?

    Thank God! I thought that Anthem might offer a woefully insignificant credit monitoring package in an attempt to shift the financial cost of their poor security onto their customers.

    /sarcasm off

    And yes, I am probably one of those who got their ID information leaked. I guess its time to review legal options against Anthem.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021