Anthem Blue Cross Blue Shield sent 20,000 Kentucky health care customers notification letters that their names, social security numbers, and credit card information was accessed by a small group of people who “tinkered” with the company’s URL.
The security breach wasn’t just limited to Kentucky, though.
Anthem BC/BS spokesperson Tony Felts believes that the hackers are actually attorneys. Felts said a California customer discovered the glitch and attorneys hacked into the site in an effort to prove the customer’s case. Felts said, “We believe that this manipulation was conducted to support a class action against Anthem or its parent company over the very breach being committed. We are currently weighing our legal options with respect to the data and the impact, if any, on our members, and the remediation costs incurred as a result of these actions.”
Anthem says only those who are self-insured had their information exposed, and that everyone affected received notification. Anthem BC/BS stated they’ve taken steps to ensure their customer’s safety and that no one had reported identity theft.
If the breach was caused by attorneys, that could mean a bigger problem for Anthem as it’s an indication that anyone with some knowledge of computer security could break in and retrieve personal data. While the Anthem investigates the nature of the crime, and possible suspects, their customers have to “wait and see.”
In lieu of an explanation, Anthem BC/BS is providing a year’s worth of credit monitoring services to all customers affected.