Anthem, the second largest health insurance company in the US, announced last week it had been the victim of a massive data breach. The good news appears to be no medical records or credit card data was compromised. The bad news was the names, birth dates, and Social Security numbers of up to 80 million people were compromised which could lead to an even bigger problem than had they simply taken credit card data.
Large data breaches have been front page news stories since Target announced their data breach in the fall of 2013. Several other companies suffered the same fate including Neiman Marcus, Michaels Stores, and most recently, Home Depot. In all of those cases, the hackers were after credit card information which was then sold to criminals on various black market sites.
Tracking credit and debit card fraud, while a pain, is still much easier than dealing with identity fraud which makes the Anthem breach so troubling. Obtaining peoples data enables criminals to impersonate you and do a variety of things that are much more difficult to track including:
- Open credit accounts or obtain loans in your name
- Use your name and Social Security number if arrested by law enforcement
- File fraudulent tax returns
- File for Social Security benefits
- Obtain medical services resulting in your medical data being mixed with theirs
To prevent from falling victim to these surprises there are several things individuals can do to protect themselves.
- Check your free credit report annually at annualcreditreport.com and look for new accounts you didn’t open
- Put a credit lock on all credit cards
- Have your credit monitored by a service such as LifeLock, Identity Guard, or TransUnion
- Obtain a copy of your current Social Security benefits and contributions at ssa.gov and review them annually
- Review all summaries of benefits you receive for care and procedures you didn’t have
- Contact the IRS if you receive notice that you’d already filed a return when you hadn’t
Anthem has already offered a year of free credit monitoring for all people affected by the data breach. This breach, though, should serve as a wakeup call to other insurance companies, as well as hospitals, clinics, physician offices, and all medical establishments in two areas. They need to better secure patient information, as well as carry their own cyber liability insurance to protect them financially if / when they become a victim of a similar data breach. Home Depot incurred cost of $70 million from their data breach, and that number doesn’t include personnel and systems cost to plug the leak.
It would be easy for a physician group, practice, clinic, or hospital to think they will be able to fly beneath the radar due to their size compared to a large insurance company, but that’s not the case. Most data breaches don’t make the news like Anthem did because they occurred in smaller companies and organizations including medical practices. I also believe individuals need to be more vigilant in reviewing their data for activity arising from a breach.
What do you think? Share your thoughts, suggestions, and comments with us on our Facebook, Google +, and LinkedIn pages. I’d love to hear from you!