(Bloomberg) -- Anthem Inc. faces what may be the first of many consumer lawsuits a day after disclosing that hackers obtained data on tens of millions of current and former customers and employees.
A California woman on Thursday accused the health insurer of failing to properly secure and protect its customers’ personal information, including names, birth dates and social security numbers, and she seeks to represent all other customers affected by the massive data breach.
Anthem, the second-biggest U.S. health insurer by market value, said Wednesday that its computer system had been targeted in a sophisticated attack by hackers. The Federal Bureau of Investigation is probing the breach, which people familiar with the matter say includes evidence that points to Chinese state-sponsored hackers.
The Anthem attack is on a similar scale to hacks of customer data from Target Corp. in 2013 and Home Depot Inc. last year in terms of the number of people affected. The stolen information also includes street and e-mail addresses and employee data, including income, Anthem said in an e-mail.
“It appears that Anthem’s security system did not involve encrypting Social Security numbers and birth dates –- two of the most valuable pieces of information that a thief can have,” Susan Morris said in her complaint filed in federal court in Santa Ana, California.
|Unfair Competition
She seeks damages for violations of California’s unfair competition and data breach laws, among other claims.
Kristin Binns, a spokeswoman for Indianapolis-based Anthem, didn’t immediately respond to phone and e-mail messages after regular business hours seeking comment on the lawsuit.
The company will notify customers who were affected and provide credit and identify-theft monitoring services for free, Chief Executive Officer Joseph Swedish said in a letter to members.
Connecticut Attorney General George Jepsen said he sent a letter to Anthem Thursday seeking information about the company’s security measures, how it discovered the breach and measures it’s taking to protect against future attacks. Massachusetts Attorney General Maura Healey also said she is investigating the matter.
New York Attorney General Eric Schneiderman has “reached out to Anthem to discuss how the company can best ensure that consumers across New York state are protected,” a spokesman for Schneiderman, Nick Benson, said in a statement.
Data security has become a priority for some public officials in the wake of earlier breaches at JPMorgan Chase & Co., Sony Corp.’s entertainment unit and Target.
California Attorney General Kamala Harris on Thursday urged consumers to take precautions after reports of the Anthem breach, such as by reviewing credit reports, placing fraud alerts on accounts and watching out for so-called phishing schemes, through which scammers use e-mails to trick consumers into giving additional private information.
The case is Morris v. Anthem Inc., 15-cv-00196, U.S. District Court, Central District of California (Santa Ana).
Copyright 2018 Bloomberg. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.