The Detectives’ Endowment Association, Inc. — Michael J. Palladino, President

Anthem/Empire Blue Cross Cyber Attack

February 18, 2015

                                         April 16, 2015

 

Last night and earlier today we were notified by several of our members that their Federal income tax returns were rejected by the IRS due to fradulent returns that had already been filed on their behalf. We immediately reported this to Empire Blue Cross Blue Shield/Anthem and were advised that any individuals who receive such notification should immediately report the incident to Anthem by telephoning 877-263-7995 or send an email to AllClearMemberInquiry@anthem.com  It is highly recommended that all DEA members and their dependents elect to enroll in the All Clear Pro services being offered at Anthemfacts.com at no cost to the member for a two year period.

 

 

                                    February 18, 2015


Empire BCBS / Anthem will be sending emails to current and former members to keep them informed about their actions in response to the cyber-attack. The email notifications will start going out today with information about identity protection and credit monitoring services.  Empire BCBS / Anthem  is required to send this e-mail due to state laws around breach notifications.

 

If you have given Empire your email address, you will soon receive an email about identity protection and credit monitoring services.  The subject line of the email will be “Important Message From Anthem, Inc.” and it will direct you to visit AnthemFacts.com to sign up for credit protection services. The email will not ask for personal information. We encourage you to read the email and visit AnthemFacts.com to sign up for the services provided by Empire.

 

The attached PDF contains an important message issued on February 18th by Anthem providing  further specifics of the cyber-attack and the protection services being provided at no cost to our members effective immediately:

 

Click Here for PDF

 

 


 

February 13, 2015

 

HOW THOSE AFFECTED BY CYBER ATTACK ON ANTHEM CAN GET IDENTITY THEFT REPAIR & CREDIT MONITORING SERVICES

 

Services Available to Affected Members in English, Spanish Starting on Friday at 2 p.m. ET

 

New York, NY – February 13, 2015 – Current and former Empire BlueCross BlueShield members dating back to 2004 are being offered identity repair assistance and credit monitoring services via AnthemFacts.com starting at 2 p.m. ET on Friday, Feb. 13, 2015.

                           

Affected members can start accessing these services prior to receiving a mailed notification from Anthem, Inc, Empire BlueCross BlueShield’s parent company, which will be sent in the coming weeks. Members may access these services at any time during the 24 month coverage period.

The free identity protection services provided by Empire include:

                                          

o   Identity Theft Repair Assistance:  Should a member experience fraud, an investigator will do the work to recover financial losses, restore the member’s credit, and ensure the member’s identity is returned to its proper condition. This assistance will cover any fraud that has occurred since the incident first began.

o   Credit Monitoring: At no cost, members may also enroll in credit monitoring, which alerts consumers when banks and creditors use their identity to open new credit accounts.

o   Child Identity Protection:  Child-specific identity protection services will also be offered to any members with children insured through their Empire plan.

Identity theft repair services are available to Empire members who feel they have experienced fraud. For members who have been impacted by the cyber attack, these services are automatically available and do not require enrollment. Please visit AnthemFacts.com to learn how to access these services. Members may access identity theft repair services by calling 877-263-7995.

Additional protection is available through credit monitoring services.  This requires a member to actively enroll because the member must provide their personal information and consent to have their credit monitored. Members can enroll at any time during the 24-month coverage period, and can learn how to sign up at AnthemFacts.com. Members who do not have access to the Internet or who prefer telephone service may call 877-263-7995 for assistance.

Spanish-speaking members may access information at AnthemInforma.com, or receive assistance in Spanish at 877-263-7995.

Phone lines will be open from 2 to 9 p.m. ET on Friday, and will be open 9 a.m. to 9 p.m. ET Monday to Saturday.

Members who have provided e-mails to Anthem and have opted in to receiving communications may receive an e-mail directing them to visit AnthemFacts.com to sign up for services. This e-mail is scheduled to be distributed the week of Feb. 16. This email, sent due to state notification requirements, will not ask for personal information and will not contain a link to any websites other than AnthemFacts.com.

Media Contact:

Sally Kweskin, 720-373-4836sally.kweskin@empireblue.com@empirebcbs

                                               

 

About Empire BlueCross BlueShield

Serving New Yorkers for 80 years, Empire BlueCross BlueShield is the largest health insurer in New York supporting nearly five million members and more than 38,000 business, union and small employers in New York. Empire BlueCross BlueShield (Empire) is the trade name of Empire HealthChoice Assurance, Inc., and Empire Blue Cross Blue Shield HMO is the trade name of Empire HealthChoice HMO, Inc., independent licensees of the Blue Cross Blue Shield Association, serving residents and businesses in the 28 eastern and southeastern counties of New York State. Additional information about Empire is available at www.empireblue.com. Also, follow us on Twitter at www.twitter.com/healthjoinin or @empirebcbs, on Facebook at www.facebook.com/HealthJoinIn, or visit our YouTube channel at www.youtube.com/healthjoinin

 


 

February 12, 2015

 

Empire BlueCross BlueShield Cyber-Attack Update

Last week, we made you aware that Anthem was the target of a very sophisticated external, cyber-attack.  Since that time, we have been working around the clock continuing our assistance in the FBI investigation; analyzing the data to understand the impact to our members; responding to questions from our clients, members and partners; and securing a best-in-class vendor to provide identity protection services to our members as quickly as possible.

To that end, we understand that you and your employees are eager to receive more information about how to enroll in the credit protections we are providing. Starting this Friday, Feb. 13, current and former Anthem members whose information was included in the database that was compromised, can visit AnthemFacts.com to learn how to enroll in two years of free credit monitoring and identity theft repair services provided by our vendor – a leading and trusted identity protection provider. Members can access these services startingFriday, Feb. 13, prior to receiving a mailed notification from Anthem, which will be sent in the coming weeks.

The free identity protection services provided by Anthem include two years of:

  • Identity Repair Assistance:  Should a member experience fraud, an investigator will do the work to recover financial losses, restore the member’s credit, and ensure the member’s identity is returned to its proper condition. This assistance will cover any fraud that has occurred since the incident first began.
  • Credit Monitoring: At no cost, members may also enroll in additional protections, including credit monitoring. Credit monitoring alerts consumers when banks and creditors use their identity to open new credit accounts.
  • Child Identity Protection:  Child-specific identity protection services will also be offered to any members with children insured through their Anthem plan.
  • Identity theft insurance:  For individuals who enroll, the company has arranged for $1,000,000 in identity theft insurance, where allowed by law.
  • Identity theft monitoring/fraud detection: For members who enroll, data such as credit card numbers, social security numbers and emails will be scanned against aggregated data sources maintained by top security researchers that contain stolen and compromised individual data, in order to look for any indication that the members’ data has been compromised.
  • Phone Alerts:  Individuals who register for this service and provide their contact information will receive an alert when there is a notification from a credit bureau, or when it appears from identity theft monitoring activities that the individual’s identity may be compromised

Industry standards under similar circumstances are to provide credit monitoring services for one year; however, we are exceeding these standards and providing  these identity protection and credit monitoring services to all impacted members for two years, in response to your concerns. This has been our priority from day one, to be transparent, protect your data and to give our members peace of mind.

We have been working to arrange for these credit monitoring and identity theft protection services since the attack on our systems was discovered. Doing so has required enormous efforts and commitment of resources to ensure that our vendor can accommodate what we anticipate will be very high demand for these services. It was essential that we work with the vendor to develop the infrastructure to handle a high volume of calls and web traffic, and to train representatives to accurately answer questions from our members. Our goal is to provide peace of mind, while minimizing frustration for our members. We are able to provide these services 11 business days after discovery of the attack.

We will distribute press releases in our markets on Friday announcing the identity protection services are available. We will also send letters in the mail to our members in the coming weeks with information on how to sign up for services. We will share a copy of these communications with you before they are distributed.

We will continue to provide updates as we learn more about the attack, and we are here to answer your questions to the best of our ability.

 


 

February 5, 2015

 

The Municipal Labor Committee and the City of New York  learned this morning that Anthem, the parent company of Empire Blue Cross Blue Shield, was the victim of a highly sophisticated cyber attack. This was reported by the media last night and this morning. We then learned directly from Empire Blue Cross that the compromised data may include our City employees’ data.  Representatives of the MLC Technical Committee participated in our conference call with Empire Blue Cross earlier today.  The MLC Technical Committee will be kept informed and involved with any updated information received regarding this cyber attack.

Anthem has been working closely with the FBI to investigate the cyber attack which covered 14 different states across all their lines of business. They have not yet identified which individuals are affected by the breach. They know that the information accessed includes member names, member health IDs, dates of birth, addresses, telephone numbers and employment information including income information. Some social security numbers, which were contained in a subset file, were also compromised. Anthem has advised us that their investigation to date indicates that no medical information or credit card information was compromised. They also advised that the security vulnerability has already been corrected.

Within two weeks, they will  be notifying any individuals impacted by the data breach by mail.  Affected individuals will be enrolled in free identity repair services and offered free credit monitoring.

The City’s Office of Labor Relations will be posting a notice today on its website directing employees to Anthem’s website, http://www.AnthemFacts.com , for more information on the cyber attack.  The information on their site includes a letter from Anthem’s President, a FAQ notice and a toll free number to call for more information. That phone number is 1-877-263-7995.

Anthem has committed to keeping us informed on any developments affecting city employees.

If you would like to speak with a customer service representative at Anthem, please dial the above referenced phone number and press 1 when prompted.

The DEA will keep our members apprised of any and all updates through this website.


Empire BlueCross BlueShield Alerts Consumers to

Protect Themselves from Scam Email Campaigns

Media Contact: Sally Kweskin, 212-476-1421, sally.kweskin@empireblue.com, @empirebcbs

NEW YORK, NY, February 6, 2015 –– New York residents who may have been impacted by the cyber attack against Anthem, should be aware of scam email campaigns targeting current and former Empire BlueCross BlueShield and Empire BlueCross members. These scams, designed to capture personal information (known as “phishing”) are designed to appear as if they are from Anthem, (Empire’s parent company), and the emails include a “click here” link for credit monitoring. These emails are NOT from Anthem or Empire.

  • DO NOT click on any links in email.
  • DO NOT reply to the email or reach out to the senders in any way.
  • DO NOT supply any information on the website that may open, if you have clicked on a link in email.
  • DO NOT open any attachments that arrive with email.

Empire also is NOT calling members regarding the cyber attack and is not asking for credit card information or social security numbers over the phone.

This outreach is from scam artists who are trying to trick consumers into sharing personal data. There is no indication that the scam email campaigns are being conducted by those that committed the cyber attack, or that the information accessed in the attack is being used by the scammers.

Empire will contact current and former members via mail delivered by the U.S. Postal Service about the cyber attack with specific information on how to enroll in credit monitoring. Affected members will receive free credit monitoring and ID protection services. 

For more guidance on recognizing scam email, please visit the FTC Website: http://www.consumer.ftc.gov/articles/0003-phishing. Additional information about the cyber attack against Anthem is available at www.AnthemFacts.com.

About Empire BlueCross BlueShield

Serving New Yorkers for 80 years, Empire BlueCross BlueShield is the largest health insurer in New York supporting nearly five million members and more than 38,000 business, union and small employers in New York. Empire BlueCross BlueShield (Empire) is the trade name of Empire HealthChoice Assurance, Inc., and Empire Blue Cross Blue Shield HMO is the trade name of Empire HealthChoice HMO, Inc., independent licensees of the Blue Cross Blue Shield Association, serving residents and businesses in the 28 eastern and southeastern counties of New York State. Additional information about Empire is available at www.empireblue.com. Also, follow us on Twitter at www.twitter.com/healthjoinin or @empirebcbs, on Facebook at www.facebook.com/HealthJoinIn, or visit our YouTube channel at www.youtube.com/healthjoinin


Q&A’s

This section will be updated as more information becomes available.

1.  What are the hours of the customers service line 1-877-263-7995  .

The Customer  Service team will be staffed  from 7-7 local time zone M-F and 9-6 on Saturday and Sunday

 

2.  How are they sending out the letters? timing and how many letters ?

Anthem / Empire BCBS  is currently conducting an extensive IT forensic investigation to determine what members are impacted.  We are currently in contract negotiations with a vendor to handle the credit monitoring piece. We are expecting the services to be available to members in approximately 2 weeks.

 

3.  Are we going to change ID #’s or Alternate #’s if requested ?

        Anthem / Empire BCBS  is working around the clock to determine how many people have been impacted and will notify all who are impacted. Anthem/ Empire BCBS  will provide further guidance on next steps. Your current member ID card and number are valid and will provide you access to care.