Close Close

Regulation and Compliance > State Regulation

States ratify Anthem cyber attack settlement

Your article was successfully shared with the contacts you provided.

The National Association of Insurance Commissioners say 18 member states have agreed to participate in a multistate settlement with Anthem Inc. in connection with the data breach revealed in February 2015.  

Related: Senators demand Anthem hasten notifications on data breach

The Kansas City, Missouri-based regulator group says the list of states approving the deal includes Indiana, the Indianapolis-based company’s home state, and California.

All 56 NAIC jurisdictions participated in a targeted market conduct and financial examination, to look at Anthem’s state of preparedness before the breach, its response, the adequacy of post-breach mitigation measures, and the thoroughness of efforts to find the people who breached the data, officials say.

Officials say the settlement includes a requirement that Anthem improve its data security safeguards and a requirement for a special credit protection program for the children affected by the breach.