(Bloomberg) — Anthem Inc. (NYSE:ANTM) members said they’re stuck in helpless resignation after a corporate cyber-attack, waiting for news on whether their data was compromised even as scammers began seeking to exploit them with phishing and phone calls.
Anthem, the second-biggest U.S. health insurer by market value, said it will probably take about two weeks to figure out how many of its 80 million current and former customers and employees had information like Social Security numbers and insurance IDs exposed by hackers, and to start notifying them.
The insurer warned Friday that customers should beware of phishing e-mails that solicit personal information, including a “click here” link for credit monitoring. Scam artists are also trying to trick consumers into revealing personal data over the phone, the company said in a statement. Anthem will contact affected people via the mail.
The company plans to offer free credit monitoring and identity theft protection to any members or former members who are in the database that was hacked, said Kristin Binns, an Anthem spokeswoman. The identity protection will apply retroactively, she said.
Some customers said they feel like sitting ducks. With their information potentially seized by unknown hands, there’s little they can do to protect themselves.
“With how quickly things are done on the Internet, where is this data? Is it already gone? Is it already sold?” said Jessica Rogers, 37, an Anthem member who’s a marketing instructor in the Dallas area. “And meanwhile, I’m waiting for a letter.”
The National Association of Insurance Commissioners (NAIC) called for a multi-state examination of Anthem and its affiliates.
“An immediate and comprehensive review of the company’s security must be a priority to ensure protection of consumers who are covered by Anthem,” Monica Lindeen, president of the regulators’ group, said in an e-mailed statement.
Sens. Lamar Alexander, a Tennessee Republican, and Patty Murray, a Washington Democrat, who lead the Senate Health, Education, Labor and Pensions (HELP) Committee, today announced an initiative to examine the security of health-information technology and see whether Congress can help ensure the safety of health and insurance records.