Anthem hack Q&A: What you need to know

Health insurer Anthem said Wednesday that hackers have breached its system. Above, Anthem headquarters in Indianapolis.
(Darron Cummings / Associated Press)

As many as 80 million people may have had their personal information stolen in a massive hack at health insurance giant Anthem Inc.

The data breach could be the largest cyber theft in the history of the healthcare industry.

Here is what you need to know:

Who is at risk?


Hackers gained access to a database that held records on people across all of Anthem’s businesses. Those possibly affected are customers at large employers, people enrolled in Medicaid managed-care plans and individual policyholders. Both current and former members are at risk, as well as other Blue Cross Blue Shield patients from all 50 states who had sought care in Anthem’s coverage area.

Anthem said information on customers’ children was also taken.

Anthem said it appeared doctors, hospitals and insurance brokers did not have their information accessed.

The accessed database had records on about 80 million people. Anthem said investigators are still determining the extent of the breach and number of people directly affected. The company hasn’t concluded who is behind the attack.


What was stolen?

Hackers obtained customers’ names, Social Security numbers, dates of birth, member ID numbers, addresses, phone numbers, email addresses and employment information, Anthem said. Some of the customer data may also include details on their income.

Anthem said its investigation has found no evidence that credit card and confidential health information was exposed.

How do I know if I was affected?


Anthem said it has been working to identify members and groups affected since the breach was discovered last week. The company said it will mail notices to those impacted as soon as possible and will enroll those customers in identity repair services and give them information on free credit monitoring.

Customers with more questions can call (877) 263-7995 or visit

What can I do to protect myself?

Although Anthem said it appears no credit card data were stolen, the litany of personal information accessed exposes customers to identify theft. Customers should monitor their debit and credit card accounts and report any suspicious activity immediately, security experts said.


Expert Tony Anscombe of AVG Technologies advised people to watch for emails that look like they came from Anthem and not to click on suspicious-looking links. “If in doubt contact Anthem to ensure it’s an official communication,” he said.

He also advised customers to monitor their credit reports to ensure someone isn’t taking out a line of credit using their identity. Customers should also change their email and password combination on any online accounts, if they were the same ones used with Anthem, he said.

The hack “is a very different issue compared to breaches at Target and Home Depot. Stealing medical IDs, Social Security numbers, and addresses poses a much larger risk of identity theft since these details can be used to act and behave as the customer,” Anscombe said.

Follow me on Twitter: @khouriandrew