The health insurance company Anthem suffered a cyber attack late on Wednesday, compromising the personal information of millions of current and former clients and employees. The major U.S. health insurer called the incident a "very sophisticated external cyber attack" on the company's IT system, with nearly 40 million people potentially affected.
In a statement released on the website AnthemFacts.com, Anthem President and CEO Joseph Swedish said the hackers gained unauthorized access to personal information such as Social Security numbers, birthday dates, email and street addresses, and medical ID numbers. However, credit card numbers and bank account information don't appear to be compromised at this time. Swedish added that personal medical information such as test results also seem to be safe.
"I want to personally apologize to each of you for what has happened, as I know you expect us to protect your information," Swedish said.
The company said it promptly contacted the FBI following the cyber breach, and will fully cooperate with federal authorities during the investigation. Anthem has also hired the cybersecurity firm Mandiant to "evaluate our systems and identify solutions based on the evolving landscape."
Swedish said the company will personally contact individuals who were affected by the cyber attack, as well as provide free identity protection services and credit monitoring. "Anthem’s own associates’ personal information – including my own – was accessed during this security breach," Swedish said. "We join you in your concern and frustration."
According to NBC News, the data base the hackers compromised actually contained nearly 80 million former and current Anthem consumers, though the company claims the number of those affected will be much lower. Currently, Anthem provides health insurance to residents in 14 states, including California and New York — making the insurance form the second-largest in the United States.
U.S. Rep. Michael McCaul, who serves as chairman of the Committee on Homeland Security, released this statement following news of the wide-reaching hack:
This attack is another reminder of the persistent threats we face, and the need for Congress to take aggressive action to remove legal barriers for sharing cyber threat information. I will lead this effort with other committees in the house and senate to ensure we move forward with greatly needed cybersecurity legislation as soon as possible.
The attack on Anthem follows the notorious hack of Sony Pictures Entertainment, which compromised the personal information of thousands of employees and leaked emails and unreleased movies onto the web. The FBI pinned the cyber attack on the government of North Korea, claiming it was retaliation for the scheduled release of The Interview. North Korean officials have repeatedly denied responsibility.
Images: Getty Images