• Welcome to Phoenix Rising!

    Created in 2008, Phoenix Rising is the largest and oldest forum dedicated to furthering the understanding of, and finding treatments for, complex chronic illnesses such as chronic fatigue syndrome (ME/CFS), fibromyalgia, long COVID, postural orthostatic tachycardia syndrome (POTS), mast cell activation syndrome (MCAS), and allied diseases.

    To become a member, simply click the Register button at the top right.

Insurance Company Anthem Blue Cross Computers Hacked - Customers Information May Have Been Breached

W

Wally

Senior Member
Messages
1,167
D

Denise

Senior Member
Messages
1,095
This affects more than Anthem Blue Cross Blue Shield customers.

"The impacted (plan/brand) include Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, and DeCare."
http://www.anthemfacts.com/faq



The Better Business Bureau has this FAQ for anyone (not just related to the hack of Anthem) about personal information:

http://www.bbb.org/blog/2013/03/what-should-i-do-if-my-personal-information-has-been-lost-or-stolen/
 
Last edited:
W

Wally

Senior Member
Messages
1,167
@Denise,
Thank you so much for posting more information about this breach. I am not feeling very well today, so it is taking me a lot of effort to try to post anything that is close to coherent. :thumbsup: :hug:

Wally :ill:
 
D

Denise

Senior Member
Messages
1,095
Wally said:
@Denise,
Thank you so much for posting more information about this breach. I am not feeling very well today, so it is taking me a lot of effort to try to post anything that is close to coherent. :thumbsup: :hug:

Wally :ill:
Click to expand...


@Wally I hope you feel better!
(I am glad to post more info when doing so helps.)
 
Gingergrrl

Gingergrrl

Senior Member
Messages
16,171
If you have Blue Shield that is not through Anthem is it also affected?

ETA: I just read the link and it says current and former Anthem members and I had Anthem BC for years so I guess I am at risk too. Eek.
 
Ecoclimber

Ecoclimber

Senior Member
Messages
1,011
Identity theft is a big issue with this type of hack and is been going on for some time. Filing fraudlent tax returns so that the IRS issues refunds to miscreants in your name. The best solution is a complete credit freeze on your account among the three credit agencies. The minimum is a credit alert for 90 days renewing each ninety days. Credit monitoring services normally notifies after the fact.


China To Blame in Anthem Hack?
Krebs on Security

Bloomberg reports that U.S. federal investigators probing the theft of 80 million Social Security records and other sensitive data from insurance giant Anthem Inc. are pointing the finger at state-sponsored hackers from China. Although unconfirmed, that suspicion would explain a confidential alert the FBI circulated last week warning that Chinese hackers were targeting personally identifiable information from U.S. commercial and government networks.

According to this story from Bloomberg’s Michael Riley and Jordan Robertson, “the attack appears to follow a pattern of thefts of medical data by foreigners seeking a pathway into the personal lives and computers of a select group — defense contractors, government workers and others, according to a U.S. government official familiar with a more than year-long investigation into the evidence of a broader campaign.”

fbi-pandaflash-600x499.png



Citing Tax Fraud Spike, TurboTax Suspends State E-Filings

TurboTax owner Intuit Inc. said Thursday that it is temporarily suspending the transmission of state e-filed tax returns in response to a surge in complaints from consumers who logged into their TurboTax accounts only to find crooks had already claimed a refund in their name.

“During this tax season, Intuit and some states have seen an increase in suspicious filings and attempts by criminals to use stolen identity information to file fraudulent state tax returns and claim tax refunds,” the company said in a statement.

Tax Fraud Gang Targeted Healthcare Firms

Earlier this month, I wrote about an organized cybercrime gang that has been hacking into HR departments at organizations across the country and filing fraudulent tax refund requests with the IRS on employees of those victim firms. Today, we’ll look a bit closer at the activities of this crime gang, which appears to have targeted a large number of healthcare and senior living organizations that were all using the same third-party payroll and HR services provider.
 
Last edited:
catly

catly

Senior Member
Messages
284
Location
outside of NYC
Gingergrrl said:
If you have Blue Shield that is not through Anthem is it also affected?

ETA: I just read the link and it says current and former Anthem members and I had Anthem BC for years so I guess I am at risk too. Eek.
Click to expand...

I think they emailed everyone they believed were affected. They're saying up to 80 million members are impacted, which is probably all the BC/BS membership. This is huge
 
W

Wally

Senior Member
Messages
1,167
catly said:
I think they emailed everyone they believed were affected. They're saying up to 80 million members are impacted, which is probably all the BC/BS membership. This is huge
Click to expand...
As of this morning, I nor anyone that I know in Ca. who is an Anthem (or other affiliated company) policyholder received notification from Anthem about this breach. People learned about the breach via news media outlets. Since they have policyholder e-mail addresses and phone numbers it seemed interesting that they had not been proactive to communicate directly with their policyholders.

In talking to the company I also learned that not only did the CEO find out that his personal information was breached, but employees also had been provided with this information. I was told that it take about 3 weeks before policyholders were notified (by mail) if their personal information had been accessed. Only after this determination was made would Anthem provide credit monitoring services.

No mention was made on Anthem's website or when calling their customer service line, on how policyholders could protect their personal information during this 3 week waiting period nor did they provide any information regarding reimbursement for credit monitoring that might be used outside of the service they planned to provide. The cost of putting a freeze on your credit reports can cost up to $30 per Credit Reporting Agency (there are 3) and $15 per Agency to lift the freeze.

Since this is a regulatory area that I am quite familiar with, many phone calls were placed yesterday with the regulators in my State to request that the issues raised above were fully investigated and reviewed.

I personally would immediately put a "Fraud Alert" on my credit report with each of the Credit Reporting Agencies and perhaps look into whether a further lock on my credit report by "freezing" access to my credit information might also be worth the extra cost and restrictions.
 
catly

catly

Senior Member
Messages
284
Location
outside of NYC
Actually we received notice from our HR department that there are phishing emails coming from what appears to be Anthem but they are not. They are asking people to sign up for fraud protection services. DO NOT REPLY TO THESE EMAILS.
 
Ecoclimber

Ecoclimber

Senior Member
Messages
1,011
Phishers Pounce on Anthem Breach

Phishers and phone fraudsters are capitalizing on public concern over a massive data breach announced this week at health insurance provider Anthem in a bid to steal financial and personal data from consumers.

The flood of phishing scams was unleashed just hours after Anthem announced publicly that a “very sophisticated cyberattack” on its systems had compromised the Social Security information and other personal details on some 80 million Americans.

According to Anthem, fraudsters also are busy perpetrating similar scams by cold-calling people via telephone. In a recording posted to its toll-free hotline for this breach (877-263-7995), Anthem said it is aware of outbound call scams targeting current and former Anthem members.
 
Ecoclimber

Ecoclimber

Senior Member
Messages
1,011
Addtional Update:

Since this affects almost 1/4 of all Americans, I believe this is important as it could be usedin cases of identity and tax return fraud. It may also include information protected under HIPPA. Cybercriminal organiztions are also targeting other healthcare providers.

Anthem Breach May Have Started in April 2014

Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion.

The Wall Street Journal reported last week that security experts involved in the ongoing forensics investigation into the breach say the servers and attack tools used in the attack on Anthem bear the hallmark of a state-sponsored Chinese cyber espionage group known by a number of names, including “Deep Panda,” “Axiom,” Group 72,” and the “Shell_Crew,” to name but a few.
 
Last edited:
Little Bluestem

Little Bluestem

All Good Things Must Come to an End
Messages
4,930
Shortly before this hack, I heard that healthcare businesses are the number one target of identity theft hackers. I read the same thing several years ago.

I no longer put my birth date on healthcare forms; I just put my age. I do not give anyone my Social Security Number.
 
Ecoclimber

Ecoclimber

Senior Member
Messages
1,011
Major security breach with Microsoft Windows, Lenovo laptops and preloaded software know as Superfish software. Specifically on 11 types of Lenovo laptops affecting at least 16 million users. This may not be limited to just Lenovo laptops. http://www.wilderssecurity.com/threads/superfish-is-not-the-only-one.373647/

The preloaded software, called Superfish, alters your search results to show you different ads than you would otherwise see. But it also tampers with your computer's security so that attackers can snoop on your browser traffic -- no matter which browser you're using. Attackers are able to see all the communication that's supposed to be confidential -- banking transactions, passwords, emails, instant messages.

It installs a Root CA on user's PCs with the same private key thus making their users vulnerable to MitM attacks.It allows hackers to impersonate shopping, banking and other websites and steal users' credit card numbers and other personal data. It takes images at everything you look at on the websites and then using sophisticated algorithm, injects ads based on those images. In other words, it injects code into every encrypted and secure website connection including banking. Superfish cripples a Web browser's ability to communicate securely

The underlying SSL decryption library from Komodia has been found to be present on other applications, including KeepMyFamilySecure. Please refer to CERT Vulnerability Note VU#529496 for more details and updates.
http://www.kb.cert.org/vuls/id/529496

If you think were exposed you can put a fraud alert or credit freeze on your account for best protection.
http://www.clarkhoward.com/news/cla...nce-credit/credit-freeze-and-thaw-guide/nFbL/

http://www.cbsnews.com/news/microsoft-lenovo-superfish-security-flaw/
 
You must log in or register to reply here.