“Tens Of Millions” Of Personal Records Stolen In Hack On Health Insurance Company Anthem

Any data breach is bad, but the more personal they are — and the more widespread — the worse. And by both metrics, the hack just announced by major health insurer Anthem is particularly terrible.

Anthem announced late last night that hackers had broken into their databases and stolen personal information for basically everyone the company has records for, the Wall Street Journal reports.

The purloined personal information includes names, dates of birth, social security numbers, street addresses, e-mail addresses, employment information, and income data. Both current and former members and employees were hit, to the tune of “tens of millions” according to a company spokesperson. The WSJ estimates that about 80 million people may have had their data stolen.

The only silver lining is that no medical information or histories — nor any payment info, like credit card numbers — were accessed. However, with names, SSNs, dates of birth, and addresses all stolen together, anyone who’s ever worked with or for Anthem could still be in for a world of hurt.

Anthem, formerly known as Wellpoint, is the second-largest health insurer in the country and currently covers 37.5 million Americans. They operate a wide variety of plans and brands, particularly Blue Cross Blue Shield.

Unlike many other large-scale data breaches in the last few years, Anthem actually noticed this one on their own, internally. They in turn then brought it to the attention of the FBI and hired a specialist cybersecurity firm to help investigate. In a statement, company president and CEO Joseph R. Swedish called it a “very sophisticated external cyber attack.”

Anthem has promised that in the coming weeks they will individually notify customers whose data was accessed, and will provide information on how those customers and employees can sign up for identity theft protection services.

The company has launched a dedicated website for sharing information about the breach, though at the moment it only contains the statement from Swedish and a brief FAQ.

Health Insurer Anthem Hit by Hackers [Wall Street Journal]