One of the largest data breaches in history was revealed Wednesday, as health insurance giant Anthem Inc. acknowledged that its computer system had been violated starting on December 10. The company noticed the breach on January 27 and verified it two days later.
The hack puts at least 37 million people in California at risk, as it includes access to the customers’ names, dates of birth, Social Security numbers, member ID numbers, addresses, phone numbers, email addresses and employment information, according to the Los Angeles Times. Medical information and credit card numbers appear to have been protected from the attack.
Jaime Blasco of AlienVault, a San Mateo, Calif., information security firm, told the Times, “If confirmed, we are dealing with one of the biggest data breaches in history and probably the biggest data breach in the healthcare industry. For individuals, in a few words, it is a nightmare. If the attackers had access to names, birthdays, addresses and Social Security numbers, it means that information can be easily used to carry out identity theft schemes.”
Anthem, the nation’s second-largest health insurer and the top company by enrollment on the Covered California insurance exchange, released a statement that read: “Cyber attackers executed a very sophisticated attack to gain unauthorized access” to one of the company’s computer systems and “have obtained personal information relating to consumers and Anthem Blue Cross employees who are currently covered, or who have received coverage in the past.”
Anthem’s chief executive, Joseph Swedish, sent an email to customers commiserating with their predicament. He wrote: “Anthem’s own associates’ personal information–including my own–was accessed during this security breach. We join you in your concern and frustration, and I assure you that we are working around the clock to do everything we can to further secure your data.”
The hack into comes at an inopportune time for Anthem, which is trying to enroll as many people as it can before the Feb. 15 deadline for the Affordable Care Act.
Anthem joins other major companies and institutions that have been hacked; some of the others and the number of people affected include: Court Ventures; 200 million; Ebay: 145 million; Heartland: 130 million; TJ Maxx: 94 million; AOL: 92 million; Sony: 77 million; J Morgan Chase: 76 million; the U.S. military: 76 million; Home Depot: 56 million; and Evernote: 50 million.