February 27, 2015

As many of our members know, Anthem, Inc., a Blue Cross and Blue Shield company, experienced a sophisticated cyber attack recently that allowed hackers access to members’ personal information, including information of some of our members at Arkansas Blue Cross and Blue Shield, BlueAdvantage Administrators of Arkansas and Health Advantage.

The member information accessed was limited to personal identification data and includes names, dates of birth, addresses, telephone numbers, emails, health plan ID numbers, and a small percentage of Social Security numbers (SSN). According to Anthem, no member credit card, claims or medical information was compromised. Anthem and Arkansas Blue Cross are in the process of notifying these members and letting them know that Anthem is offering free credit monitoring and ID theft protection to them.

Background

The cyber attack that Anthem experienced appears to have begun in early December 2014, but was not detected by Anthem until January 27, 2015, due to the fact that the unknown intruder used a system identity and password of an Anthem database administrator that had been hijacked; it took Anthem several more days, to January 29, 2015, before it was able to determine that an internal database at Anthem had, in fact, been breached.

Arkansas members affected

Anthem has notified us that 17,050 Arkansas residents covered or administered by Arkansas Blue Cross, BlueAdvantage or Health Advantage have been affected; only eight with Social Security number disclosure.

Additionally, 144,865 Arkansas residents covered by Anthem or another Blue Plan have been affected.

Anthem states where claims were processed

All Blue Cross and Blue Shield companies work independently. However, Anthem serves as the claims processor for health care services received in the 14 states where Anthem operates.


February 9, 2015

Be Careful of Email Scams

If you receive an email from Anthem Blue Cross and Blue Shield — and it asks you to "click here" — it is NOT from Anthem.

  • Do NOT click on any links in the email.
  • Do NOT reply to the email or reach out to the sender in any way.
  • Do NOT open any attachments that may be attached to the email.

If you receive a phone call from anyone who's says they are calling on behalf of Anthem, and they are asking for credit card information or Social Security numbers, they are NOT representing Anthem or any Blue Cross and Blue Shield plan. Do NOT give them any information.

If any members of Arkansas Blue Cross and Blue Shield, Health Advantage or BlueAdvantage Administrators of Arkansas are affected by the Anthem security breach (and there is no indication of this at this time), you will be notified via the U.S. Postal Service with specific information on free credit monitoring and ID protection services.

For more information on recognizing email scams, please visit the FTC website.