A Breach Letter From Anthem.


On January 29, 2015, Anthem, Inc. (Anthem) discovered that cyber attackers executed a sophisticated attack to gain unauthorized access to Anthem’s IT System and obtained personal information relating to customers who were or are currently covered by Anthem or other Independent Blue Cross and Blue Shield plans that work with Anthem. Anthem believes that this suspicious activity may have occurred over the course of several weeks beginning in December, 2014.

As soon as we discovered the attack, we immediately began working to close the security vulnerability and contacted the FBI. We have been fully cooperating with the FBI’s investigation. Anthem has also retained Mandiant, one of he world’s leading cybersecurity firms, to assist us in our investigation and to strengthen the security of our systems.

These steps are important. The FBI immediately gave Anthem the opportunity to tell reporters writing stories about our breach that we cannot comment on it, because of an active investigation. We refer all press inquiries to the FBI Public Information Office, which may admit that the FBI exists, but certainly won’t confirm it.

And hiring Mandiant gives us the opportunity to demonstrate “good will” in terms of the inevitable class-action lawsuit, to reduce our total exposure and also, since Mandiant will find that China was responsible for … oh, wait, they already did: since China is responsible for this breach, this is really a situation in which the US government should have moved sooner to help protect you and your data from nation state adversaries. We’ll be filing applications for remedy with the Department of Commerce.

On the other hand, this did give us an opportunity to really focus on the things that are important. We’ve been working not just on closing vulnerabilities in our systems, but re-thinking our IT policies, especially those which didn’t allow our executives to get iPads. Since the Chinese are in anyway, we’ve all got those new cool smaller ones now. Which are, like, really awesome.

On a personal note, we’ve begun taking more responsibility. We’re watching the diet, getting exercise, and keeping an eye on those cholesterol numbers. Bob in HR got himself that new Tesla, the one with the really cool app for his iPad? Cuts down on the greenhouse gasses, does our part in fighting climate change. It’s this kind of corporate citizenship that lets us stand head and shoulders above the others.

You should be aware of scams that may try to exploit our pathetic information security even further. That’s our way of shifting responsibility for what happened from us to you — telling you not to open strange emails, or clicking on, well, pretty much any Internet links.

Your business is important to us. Thank you.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.