Earlier this month, health insurance company Anthem, the second-largest in the US, announced that its systems had been hit by a massive data breach affecting nearly 80m individuals. Not all were Anthem customers, however. Upon further investigation, the company recently found that between 8.8m and 18.8m members of other plans in its national network may be victims in the attack as well.
Anthem is part of a national network of Blue Cross Blue Shield (BCBS) plans that BCBS customers can access for medical services if they are in an area where BCBS is operated by a different company. Details of these customers may have been included in the database that was hacked, even though they aren’t Anthem customers.
According the Huffington Post, due to a large number of incomplete records that prevent investigators from linking individuals with their plan, Anthem is not sure of the exact number of Anthem and non-Anthem customers affected by the breach. Hacked data is thought to be restricted to names, dates of birth, Social Security numbers, addresses, phone numbers, email addresses and employment information.
105 million people are covered by 37 companies under the Blue Cross Blue Shield license. Anthem will start notifying customers in the next week.