Skip to main content
close search
site logo
Dive Brief

Anthem breached again after contractor emailed file with 18,500 members' info

Published Aug. 1, 2017
Naomi Eide's headshot
Managing Editor

Dive Brief:

  • Anthem is once again dealing with a data breach, this one impacting more than 18,500 individuals after a contactor emailed a file with Anthem members' information to his personal email address in July 2016, according to a media alert. The contractor was an employee of LaunchPoint Ventures, a third-party contractor which provides insurance coordination services to the payer. Anthem reported the breach to the U.S. Department of Health and Human Services on July 24.

  • Launchpoint learned of the breach after one of its employees was was involved in "identity theft-related activities" on April 12, according to the announcement. Following the incident, LaunchPoint hired a forensics firm to investigate, which discovered the contractor's email. The firm "terminated" the employee, who is currently incarcerated and under investigation by law enforcement, though the incidents are unrelated to the Anthem email.

  • Once the third-party confirmed the file included protected health information, it informed Anthem of the incident on July 14. The PHI included Medicare ID numbers, which include Social Security numbers, Health Plan ID numbers, Medicare contract numbers and enrollment dates, according to the announcement.

Dive Insight:

The news of the third-party data breach comes just after Anthem agreed to pay $115 million to settle a class-action lawsuit for the 2015 data breach, which resulted in the personal information theft of 80 million members and employees. Anthem did not admit any wrongdoing and  in a statement after the settlement was announced said it was "determined to do its part to prevent future attacks."

Though the payer could have stringent cybersecurity policies and data best practices, it cannot always control the actions of third-party providers. Some of the most high-profile data breaches have come at the hands of third-party providers. In the Target breach, hackers broke into corporate systems using network credentials from the retailer's refrigeration and HVAC provider.

But the problem is companies can't do away with the third party ecosystem. Organizations need external providers to help keep systems running, whether that's building service providers or insurance coordination services.

It's bad timing for Anthem, which certainly does not need another breach on its hands, especially since the class action lawsuit alleged that Anthem knew its IT was lacking. This breach, however, impacts far fewer people and LaunchPoint has already said it would provide information on preventing identity theft and fraud to those impacted, in addition to two years of credit monitoring and identity theft restoration services.

Recommended Reading

Filed Under: IT Strategy, Security

Editors' picks

Company Announcements

View all | Post a press release
Smart City Expo USA 2025 Speakers Announced
From Smart City Expo USA
December 11, 2024
Welo Data Launches Innovative Model Assessment Suite, Advancing Multilingual Causal Reasoning …
From Welocalize, Inc.
December 17, 2024
NeuBird Secures $22.5M in Funding, Announces General Availability of Hawkeye: An AI Teammate f…
From NeuBird
December 11, 2024
Only Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Eva…
From Cynet Security
December 11, 2024
Editors' picks
Latest in IT Strategy
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.