For Immediate Release - February 25, 2015

AG Healey Urges Massachusetts Consumers Potentially Affected by Anthem Data Breach to Take Action to Protect Their Credit, Identity

Anthem Reports Nearly One Million People with Massachusetts Ties Potentially Affected; AG Announced Investigation of Breach Earlier this Month

BOSTON – After health insurer Anthem, Inc. announced that the recent data breach at Anthem could potentially affect the personal information, including Social Security numbers, of nearly one million people with Massachusetts ties, Attorney General Maura Healey is offering advice on how consumers can protect their personal information against identity theft. Earlier this month, AG Healey announced that her office is investigating the matter.

“Our office is very concerned that this significant data breach may have put the personal information of Massachusetts consumers at risk,” AG Healey said. “We have been in contact with Anthem to review the circumstances and will continue to investigate this matter with Attorneys General across the country. In the meantime, we urge people to take immediate steps to protect themselves and their family members from identity theft and to protect their personal information moving forward.”

According to Anthem, 967,000 people with ties to Massachusetts may be affected. Potentially affected consumers include customers of Anthem, Inc. companies Amerigroup, Anthem and Empire Blue Cross Blue Shield companies, Caremore, and Unicare. Additionally, customers of Blue Cross and Blue Shield companies who used their Blue Cross and Blue Shield insurance in one of fourteen states where Anthem, Inc. operates may be impacted (California, Colorado, Connecticut, Georgia, Indiana, Kentucky, Maine, Missouri, Nevada, New Hampshire, New York, Ohio, Virginia, and Wisconsin). 

The information that may have been compromised includes names, birthdays, medical IDs/Social Security numbers, street addresses, email addresses and employment information, including income data. Anthem reports that there is no evidence at this time that credit card or medical information (such as claims, test results or diagnostic codes) were compromised.

Anthem is offering two years of free credit monitoring, identity theft insurance and other services, and plans to send notice to all affected consumers about the breach. The company has posted information for customers about the breach here.

The AG’s Office offers consumers the following information on how to guard themselves from potential identity theft:

  1. Sign-up for the two years of free credit monitoring offered by Anthem for you and your family members, including minor dependents.    

(2)Order a copy of your credit report and Explanation of Benefits Statements, and look for unauthorized activity.

  • Look carefully for unexplained activity on your credit report. You are entitled to one free copy of your credit report every 12 months from each of the three nationwide credit reporting companies, which can be obtained through https://www.annualcreditreport.com/index.action. Staggering the reports every four months (one free annual report per each of the three major credit bureaus) is a good way to monitor your credit throughout the year. 
  • Also, check your and your family’s Explanation of Benefits (“EOB”s) from your health insurance company to confirm that all information is accurate.

(3) If you suspect that your account information may have been affected by a security breach, call one of the three major credit bureaus and place a one-call fraud alert on your credit report:

  • You only need to call one of the three credit bureaus; the one you contact is required by law to contact the other two credit bureaus.
  • Equifax: Call (800) 525-6285, and write: P.O. Box 740241, Atlanta, GA 30374-0241.
  • Experian: Call (888) 397-3742, and write: P.O. Box 9532, Allen, TX 75013.
  • TransUnion: Call (800) 680-7289, and write: Fraud Victim Assistance Division, P.O. Box 6790 Fullerton, CA 92834-6790.
  • This one-call fraud alert will remain in your credit file for at least 90 days. The fraud alert requires creditors to contact you before opening any new accounts or increasing credit limits on your existing accounts. When you place a fraud alert on your credit report, all three credit bureaus are required to send you a credit report free of charge.
  • If after reviewing your credit report you believe there is unexplained activity, you may want to place an extended fraud alert on your credit report. In order to do this, you need to file a police report with your local police department, keep a copy for yourself, and provide a copy to one of the three major credit bureaus. An extended fraud alert can be placed on your file for a 7 year period.

(4) Consider placing a “security freeze” on your credit report.

  • Consider placing a “security freeze” on your credit report by written request to each of the three credit bureaus to prohibit the release of any information from your report without your written authorization. A security freeze differs from credit monitoring in that it prevents new lines of credit from being opened without your authorization.

(5)If you are a victim of fraud or identity theft.  There are many steps you will need to take to protect your identity. For further steps to protect themselves, consumers may contact the Attorney General's consumer hotline at (617) 727-8400, review identity theft protection tips at the AG’s website or view the Federal Trade Commission's identity theft resource, available at www.consumer.gov/idtheft/

#######