Hackers may have stolen sensitive personal information of more than 52,000 Highmark Inc. insurance subscribers in Pennsylvania, Delaware and West Virginia in the huge data breach of Anthem Inc. last month.
Downtown-based Highmark, the state’s largest health insurer, said Wednesday that it is notifying affected members that their information, which includes birth dates, Social Security numbers, street addresses, email addresses, phone numbers and employment information, was compromised.
While hackers did not steal financial information, such as bank account numbers, the data is valuable for identity thieves who might use it to take out loans or open credit cards.
Although Highmark was not hit in the breach, the data of members who sought medical care in Anthem’s service area were stored in the Indianapolis-based insurer’s databases. The breach affected 51,867 Highmark members in Pennsylvania and hundreds in Delaware and West Virginia. “Some of our members who received health care services in the past 10 years in any of the areas that Anthem’s Blue Cross Blue Shield companies serve may have been affected by this cyberattack,” Deborah Rice-Johnson, Highmark president, said in the letter to affected members.
Hackers gained access to records of about 80 million current and former customers and employees in the attack, which Anthem disclosed on Feb. 5. Anthem is offering free credit monitoring and identify theft protection services to the affected customers, Rice-Johnson said.
Anthem, a Blue Cross and Blue Shield company, is the nation’s second-largest health insurance company. Its service area spans 14 states, including California, Colorado, Connecticut, Georgia, Indiana, Kentucky, New York, Ohio and Virginia.
Spokesman Tony Felts said the company is cooperating with an FBI investigation into the breach. Anthem has hired a cybersecurity firm to help the company determine how the theft occurred.
Felts declined to comment on the status of the investigations.
Date: March 11, 2015