What to do after a data breach compromises your identity
Tens of millions of Americans could be victims of the latest corporate data breach, this one at Anthem Insurance. Unknown hackers apparently stole Personal Identifying Information (PII) from current and former Anthem customers, including names, addresses, Social Security numbers, dates of birth and other information that can be used for identity theft.
Anthem has set up a separate website with information for potential victims. Whenever a data breach is involved, Better Business Bureau recommends first going directly to a company’s main website and following links to dedicated information pages for customers. Scammers often take advantage of data breaches and subsequent confusion to set up spoof websites and send phishing emails with disguised links.
BBB offers the following suggestions for consumers concerned that their PII has been stolen (also available at bbb.org/breach):
- Do not take a “wait and see” approach. The type of information stolen in this case is much more sensitive and valuable than credit or debit card data. You must act quickly. Breaches involving Social Security numbers have the potential for wide-ranging problems for victims, and the damage can be difficult to repair.
- Consider taking a preemptive strike by freezing your credit reports. This will not impact existing credit cards and financial accounts, but will create a roadblock for thieves seeking to create fraudulent accounts using your personal information.
- At a minimum, if you know your Social Security number has been compromised, place a fraud alert on your credit reports. While less effective than a freeze, this will provide an extra layer of protection. Click here to learn more about security freezes and fraud alerts.
- Take advantage of the free credit monitoring services Anthem will be offering to breach victims. While this is not a preventative measure, this will alert you to new accounts or inquiries using your Social Security number so that you can act quickly to repair the damage.
- Vigilance is key. Regularly check your credit reports at annualcreditreport.com for unauthorized charges or other signs of fraud. (NOTE: This is the only free credit report option authorized by the Federal Trade Commission.)
- For more information and complete step-by-step guidance on repairing the damage caused by identity theft, visit the FTC’s identity theft resources.
- Expect that scammers will take advantage of this data breach to send out phishing emails and other messages that appear to be from Anthem, a credit bureau or other legitimate companies. Do not click on links from any email, text or social media messages about this or any other data breach.
For all businesses that collect customer information:
- Make sure you protect your customers’ data. If a data breach can happen to a major corporation with significant data security measures in place, it can happen to any business.
- Check out BBB’s updated online guide Data Security – Made Simpler for free information on how to create a data security plan.
NOTE: According to its BBB Business Review, Anthem Inc. also operates as Wellpoint, Inc., Anthem Blue Cross & Blue Shield, and Administar Federal, Inc. However, not all Blue Cross & Blue Shield companies are part of the Anthem network. If you aren’t sure if your insurer is affected by this data breach, call the number on the back of your card or go directly to your insurer’s website.
Howard Schwartz, Executive Communications Director