Anthem insurance hacking victims now targeted by phishing attacks

Earlier this week the news broke that the Anthem insurance company had been hacked with data on over 80 million potential Americans being stolen. Now the victims of the data breach are finding themselves the targets of a widespread phishing scheme from fraudsters who managed to get their hands on the stolen information. Current and past Anthem subscribers are receiving emails and even cold calls from scam artists claiming to be from the company, the US's second largest health insurer.

Most of the emails and phone calls appear to be offering a free year of credit monitoring, encouraging recipients to either click on an attached link or offer up sensitive personal information. Anthem spoke to Krebs on Security and said that they would be offering a credit monitoring service to assist customers who were affected by the initial data breach, however they have not yet made such offers, nor sent any emails.

In the meantime, Anthem has issued a press release warning its customers about the phishing attempts and confirming that they have not sent any emails or called any customers. The company says that when it does begin contacting those affected by the data breach, it will be through mailed letters.

Security experts say it isn't clear if the stolen data has been distributed publicly yet and is thus being used for the phishing scams, or if fraudsters are merely using the news of the hacking and trying to pray on Anthem customers. Among the data on the tens of millions of subscribers that was stolen include social security numbers, names, addresses, birth dates, phone numbers, and employment information.

VIA The Verge

SOURCE Krebs on Security, Anthem