Blue Cross Blue Shield of Michigan is working with Anthem to identify any current and former Blue Cross Blue Shield of Michigan-covered individuals whose information was stored in the Anthem database. Anthem will be communicating by letter with affected members as soon as data is validated and a letter can be sent. In the meantime, we've compiled a list of answers to some of the common questions we've gotten from BCBSM and BCN members. You can also read more about the matter by visiting mibluesperspectives.com/anthem.
BLUE CROSS BASICS
Are Anthem and Blue Cross Blue Shield of Michigan the same company? No, Anthem and Blue Cross Blue Shield of Michigan are two separate companies. Was Blue Cross Blue Shield of Michigan’s computer system attacked? The attack occurred at Anthem, which is a separate company that operates in 14 states outside of Michigan. Anthem’s system was attacked, not BCBSM’s, and we are actively investigating any possible impacts on our members.
I’m not an Anthem member; I am a member of Blue Cross Blue Shield of Michigan/Blue Care Network. Was my information accessed? Anthem is currently conducting an extensive IT forensic investigation to determine what members are impacted. If you are a current or former BCBSM or BCN member (2004 or after) your information may have been in the Anthem database if:
- You live in one of the 14 states in which Anthem operates
- You have received health care services in these states
If you are affected, you will be notified by letter. However, if you live or received services in one of the 14 states below, you do not have to wait for a letter if you think you were affected. You can visit anthemfacts.comto request a redemption code for free credit monitoring services and to access a specialist to help with identity theft repair. Are only current members impacted? The Anthem investigation to date shows this incident affects members whose data was contained in Anthem’s database warehouse. This includes current and former members dating back to 2004. What 14 states are the states where BCBSM or BCN members may be affected because they live or have received services there?
- New Hampshire
- New York
Why was my information in Anthem’s database? Anthem performs claims processing services for BCBSM and BCN for our members who live in — or are traveling and receive health care services in — the 14 states where Anthem serves as a Blue Cross Blue Shield plan. If you live in one of those states or have received services in those states, you may be affected.
When will I receive a mailed notification if I was affected?
Anthem will mail letters to all affected Blue Cross Blue Shield of Michigan and Blue Care Network members, but we do not have an exact mailing date yet. Additionally, BCBSM and BCN will mail a courtesy letter to their affected members to advise them that the notification is coming, and how to enroll in credit monitoring services and the availability of identity theft repair services.
CREDIT REPORTING SERVICES AND CONSUMER PROTECTIONS
Will affected members receive credit monitoring and other services to help them? Yes. Affected members will receive free credit monitoring, identity theft repair services and child identity protection for two years. Visit anthemfacts.com for more information about the services being offered through a company specializing in these services. How can I sign up for credit monitoring services? The quickest and easiest way to enroll is via the online enrollment process at anthemfacts.com, and then you can follow the links for credit monitoring enrollment. Going online is strongly encouraged, but those who do not have access to the Internet can call Anthem’s established toll-free information number, 1-877-263-7995, from 9 a.m. to 9 p.m., Eastern Standard Time, Monday through Saturday, for assistance to begin the enrollment process for credit monitoring. Can you describe the services being offered? The free services provided by Anthem include two years of:
- Credit Monitoring: At no cost, members may enroll in credit monitoring, which alerts consumers when banks and creditors use their identity to open new credit accounts. This requires a member to actively enroll because the member must provide his or her personal information and consent to have his or her credit monitored. Members can enroll at any time during the 24-month coverage period and can learn how to sign up at anthemfacts.com. Credit monitoring is available for 24 months starting on whichever occurs earlier: the date of the Anthem letter or the date on which the member enrolls in credit monitoring.
- Identity Theft Repair Assistance: Should a member experience fraud, an investigator will do the work to recover financial losses, restore the member’s credit and ensure the member’s identity is returned to its proper condition.This free assistance will cover any fraud that has occurred since the incident first began. For members who have been impacted by the cyber-attack, these services are automatically available and do not require enrollment. Identity repair services are available for 24 months starting on Feb. 13, 2015, or the date the member receives the letter in the mail. Please visit anthemfacts.comto learn more about this service.
- Child Identity Protection: Child-specific identity protection services will also be offered to any members with children insured through their Anthem plan. This is a special service for minors under the age of 18. It examines credit-related databases using a Social Security number and notifies the parent or guardian of results. If a problem is identified, you will be asked to provide additional documents so the service can launch an investigation to restore the credit file to its original status.
How will the credit monitoring enrollment work online? Please visit anthemfacts.comto learn how to access these services. Credit monitoring requires you to actively enroll. Anthem’s online enrollment process will ask a few questions of members to help them determine whether they may have been affected by the cyber-attack so they can decide if they want the services. The site asks members to verify they are a current or former Anthem member or member of another Blue Cross plan. It asks them to enter their name and email address to obtain a redemption code. A confirmation email will be sent within 72 hours. Separate redemption codes are needed for each family member. For each member, submit a new request with his or her full name. Parents or guardians may use the same email address for children — but each adult must have his or her own (unique) email address. Is there a phone number to call for credit monitoring, or do I have to enroll online? The quickest and easiest way to enroll is via the online enrollment process at anthemfacts.com, and then you can follow the links for credit monitoring enrollment. Going online is strongly encouraged, but those who do not have access to the Internet can call Anthem’s established toll-free information number, 1-877-263-7995, from 9 a.m. to 9 p.m., Eastern Standard Time, Monday through Saturday, for assistance to begin the enrollment process for credit monitoring. Callers will receive a ticket number so that when they are called back, the callers will have their reference number. Do I call a number for identity theft repair assistance if I experience fraud? You get in touch with a specialist should you need assistance for identity theft repair by calling 1-877-263-7995, from 9 a.m. to 9 p.m., Eastern Standard Time, Monday through Saturday. What steps is Anthem taking to protect my personal and health information? Anthem is doing everything it can to ensure there is no further vulnerability to its database warehouses. Anthem has contracted with a global company specializing in the investigation and resolution of cyber-attacks. Anthem will work with this company to reduce the risk of any further vulnerabilities and work to strengthen security.
Where can BCBSM members get updates? They can check anthemfacts.com for detailed information or visit mibluesperspectives.com/anthem for general updates. Did Anthem Blue Cross establish a website for information? Yes, Anthem established a website at www.anthemfacts.com/faq. What are the steps that a member can take to protect their personal information? To further protect their personal information, we recommend that members carefully monitor their Explanation of Benefits statements and financial accounts for services they did not receive or any inappropriate or suspicious claims. In the event that they notice any inappropriate activity on their Explanation of Benefits statements, please contact BCBSM’s Anti-Fraud Hotline at 1-800-482-3787 between 8:30 a.m. and 4:30 p.m., Eastern Standard Time, Monday through Friday. We also recommend that members take the following precautionary steps:
- Consider an increased level of protection by placing a fraud alert on their credit file and the three credit reporting agencies. There is no cost for this service. They may call the credit reporting agencies at the toll-free numbers listed below:
- Equifax: 1-877-478-7625
- Experian: 1-888-397-3742
- TransUnion: 1-800-680-7289
- Review their credit report with each of the national credit reporting agencies regularly. They are entitled to a free credit report each year. They can request your annual free credit report by calling 1-877-ID-THEFT (1-877-438-4338); TTY: 1-866-653-4261.
I’ve heard that there might be some scam email campaigns or I’ve received an email from Anthem and want to know if it is legitimate. Those who may have been impacted by the Anthem cyber-attack should be aware of scam email campaigns targeting current and former Anthem members. These scams, designed to capture personal information (known as “phishing”) appear as if they are from Anthem and the emails include a “click here” link for credit monitoring. These emails are NOT from Anthem. To protect yourself and your information, the following actions are recommended:
- DO NOT click on any links in email.
- DO NOT reply to the email or reach out to the senders in any way.
- DO NOT supply any information on the website that may open, if you have clicked on a link in email.
- DO NOT open any attachments that arrive with email.
This outreach is from scam artists who are trying to trick consumers into sharing personal data. There is no indication that the scam email campaigns are being conducted by those that committed the cyber-attack, or that the information accessed in the attack is being used by the scammers. Official communications from Anthem will be sent to current and former members via mail delivered by the U.S. Postal Service only. For more guidance on recognizing scam email, please visit the FTC Website: http://www.consumer.ftc.gov/articles/0003-phishing.
Originally published Feb. 19, 2015. Last updated Feb. 24, 2015.