***UPDATE***

Yesterday, Attorney General Herring warned that email scams often follow data breaches of this magnitude. Over the last two days, our office has been in touch with Anthem about efforts to mitigate the risks to Virginia consumers while they continue to investigate, including the new www.anthemfacts.com website. Today, Anthem shared with the public and our office the following information on how Virginians can protect themselves from scam emails.

###

ANTHEM ALERTS CONSUMERS TO PROTECT THEMSELVES FROM SCAM EMAIL CAMPAIGNS 

Virginia residents who may have been impacted by the cyber attack against Anthem, should be aware of scam email campaigns targeting current and former Anthem members. These scams, designed to capture personal information (known as "phishing") are designed to appear as if they are from Anthem and the emails include a "click here" link for credit monitoring. These emails are NOT from Anthem.

• DO NOT click on any links in email.
• DO NOT reply to the email or reach out to the senders in any way.
• DO NOT supply any information on the website that may open, if you If you have clicked on a link in email.
• DO NOT open any attachments that arrive with email.

Anthem is not calling members regarding the cyber attack and is not asking for credit card information or social security numbers over the phone.

This outreach is from scam artists who are trying to trick consumers into sharing personal data. There is no indication that the scam email campaigns are being conducted by those that committed the cyber attack, or that the information accessed in the attack is being used by the scammers.

Anthem will contact current and former members via mail delivered by the U.S. Postal Service about the cyber attack with specific information on how to enroll in credit monitoring. Affected members will receive free credit monitoring and ID protection services.

For more guidance on recognizing scam email, please visit the FTC Website: http://www.consumer.ftc.gov/articles/0003-phishing.

For more information on the cyber attack, please visit www.anthemfacts.com.

###

ATTORNEY GENERAL HERRING URGES VIRGINIANS TO BE VIGILANT IN WAKE OF MASSIVE ANTHEM DATA BREACH

~  Breach affects 80 million Anthem subscribers nationally  ~

RICHMOND (February 5, 2015) - Attorney General Mark R. Herring today warned Virginians to be extremely vigilant with their financial accounts, credit reports, and other personal information in light of a massive data breach reported by Anthem, Inc., the second-largest health insurance provider in the nation and the largest insurer in the Commonwealth of Virginia. According to Anthem, hackers breached the company's computer systems and gained access to the names, birthdays, medical ID's, Social Security numbers, email addresses, and employment information of 80 million customers across the nation. It is not yet known how many Virginians may be affected, but Anthem has previously stated they have more than 3 million members in the Commonwealth.

"This is one of the largest data breaches we've ever seen and given the sensitivity of the financial and personal information contained in medical records, it's extremely important that Virginians closely monitor their financial information in the days and weeks ahead," said Attorney General Herring. "These kinds of breaches can lead to an increased risk of identity theft, and criminals may utilize the stolen information to send scam and phishing emails posing as legitimate companies in an attempt to commit fraud or identity theft. If you notice irregular or suspicious financial activity, contact your bank or the business immediately. Never open emails or click links you don't trust, and take proactive steps to keep your information secure online."

 

The Attorney General's Office received 305 database breach notifications in 2014 and works to ensure that companies experiencing database breaches comply with Virginia law by notifying affected Virginians.  Because data breaches lead to an increased risk of identity theft and fraud, all Virginians should regularly monitor their financial accounts and credit reports.  Free credit reports may be obtained at www.annualcreditreport.com.

In addition to the above advice, citizens should heed the following:

• Use strong passwords for your email, computer, and financial accounts, including variations of capital and lowercase letters, numbers, and symbols of at least 8 characters
• Install anti-virus programs on your computer and scan files and emails regularly
• Never download software programs from unknown publishers
• Check for regular updates to your operating system
• Install and activate a software and hardware firewall on your computer
• Back-up all of your data regularly using a USB drive

The Attorney General's Computer Crimes section and Victim Notification program are dedicated to empowering Virginians to protect themselves from identity crime and financial crimes, and works with Virginians who find themselves victims to this increasingly common crime. The office publishes the informational resource, "How to Avoid Identity Theft - A Guide for Victims of Identity Theft."

Additionally, the office offers an Identity Theft Passport, a wallet-sized card that you can carry and present to law enforcement or other individuals who may challenge you about your identity if you have been a victim of an identity crime.  The Identity Theft Passport is available to any Virginian who has filed a police report claiming they are a victim of an identity crime or who has obtained a court order expunging their record as a result of an identity crime. The Attorney General's Office conducts investigations to confirm the legitimacy of all passport applications.  You may download the Identity Theft Passport from the Attorney General's website at http://www.ag.virginia.gov/files/IDTPASSPORTI.pdf or contact the Victim Notification program at 804-786-2071.

For additional information and resources regarding computer crimes and other consumer issues, please visit Attorney General Herring's website at http://www.ag.virginia.gov/.

# # #