Sign up to our newsletter
The database breach, which could affect more than 80 million customers, is now being exploited to obtain sensitive information via emails purporting to be sent by Anthem. Phishing emails are said to be offering victims support as well as a free credit-monitoring service, but no such offers have yet been made by the health insurer – although the company has said it will be doing so in time.
In a press release last Friday, Anthem warned customers not to open or reply to any such emails – being extra careful not to click hyperlinks or open any attachments.
Customer names, birthdays, social security numbers, street addresses, email addresses and employment data were all said to be vulnerable following the breach, and Anthem says that scam artists have also attempted to contact the victims by telephone.
“Anthem is not calling members regarding the cyberattack and is not asking for credit card information or social security numbers over the phone,” the company said. “This outreach is from scam artists who are trying to trick consumers into sharing personal data.”
In addition to this warning, We Live Security’s Lysa Myers offered 5 defensive tips last week to help Anthem subscribers protect themselves against the criminals.
So far it’s not clear whether these phishing attacks are a direct result of the hack, and security journalist Brian Krebs proposes they’re more than likely “random and opportunistic.” He did, however, not rule out the possibility that the scam artists had gotten hold of the breached database.
Author Kyle Ellison, ESET