The following message is from Screen Actors Guild – Producers Pension & Health Plans:
Last night the Plans discovered, Anthem, who provides the Health Plan with access to their provider network, experienced an IT security breach. An Anthem IT system was compromised and personal information from current and former customers and employees was stolen. We are currently not aware of how many Health Plan participants were affected.
As we learn more about the Anthem breach we will continually update our website and communicate all new information with you. Protecting your personal information is one of our top priorities, and our internal IT team is constantly working to secure your data as well as on updating our security processes.
We have been in direct contact with Anthem since the breach and were recently updated directly by them.
The latest details from Anthem are below:
- Anthem, Inc. was the victim of a cyber-attack and is working with federal investigators to determine who is responsible and why Anthem, Inc. was targeted.
- On January 27, Anthem discovered that one of its database warehouses was experiencing a suspicious data query. Anthem immediately stopped the unauthorized activity and launched an internal investigation, where we learned that the compromised database warehouse experienced a series of sporadic suspicious queries during the course of several weeks. Anthem took immediate action to secure its data and contacted federal investigators.
- On January 29, 2015, Anthem determined that they were the victim of a sophisticated cyber-attack. Anthem immediately notified federal law enforcement officials and shared the indicators of compromise with the HITRUST C3 (Cyber Threat Intelligence and Incident Coordination Center.)
- Anthem's investigation indicates that the attacker gained access to one of its database warehouses. Initial analysis indicates the attacker had access to information on a significant number of consumers. This includes Anthem's affiliated health plans' current and former members and some members of non-affiliated Blue Plans who received medical services in Anthem states.
- Anthem's investigation to date shows the information accessed includes member names, member health identification (ID) numbers, dates of birth, Social Security numbers, addresses, telephone numbers, email addresses and employment information, including income data.
- Social Security numbers were included in only a subset of the universe of consumers that were impacted. Anthem is still working to identify how many Social Security numbers were accessed.
- Anthem's investigation to date shows no credit card information or confidential health information was compromised. However, we would like to emphasize that the Plans do not store participant credit card information nor do we exchange credit card information with Anthem, therefore the credit card component does not apply to our participants.
- Since discovery of the issue, Anthem has been working to identify impacted members and groups.
- Anthem is continuing to investigate the extent of the data breach, and is doing everything they can to ensure there is no further vulnerability to our database warehouses.
- Anthem has contracted with Mandiant – a global company specializing in the investigation and resolution of cyber-attacks. Anthem will work with Mandiant to ensure there are no further vulnerabilities, identify potential gaps and strengthen security to all Anthem networks.
Anthem has set up a website (www.AnthemFacts.com) where you can access additional FAQs. Or, you can also call Anthem at (877) 263-7995.