A major attack on health insurance provider, Anthem Inc., has exposed personal information for more than 80 million customers and employees. In an email to affected customers, Anthem CEO Joseph Swedish announced that the company was a victim of a “sophisticated external cyber attack.”
The data stolen in the hack includes “names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data.” However, credit card and medical information was not accessed.
The attack was discovered on January 29th by a system administrator who noticed a database was accessed under his account without his knowledge. Anthem moved quickly to disclose this attack to the public and is now working with the FBI to investigate the source of the attack.
Although your personal information maybe in the hands of cyber criminals, there are steps you can take to protect yourself.
Secure your online accounts with a password manager
The first step after any major security breach is to control the spread of your personal information. If you’re using the same password across multiple sites, you’re setting yourself up for disaster. Hackers will try your stolen username and password across other accounts to see if they can steal more information from you.
You can stop this by using a password manager, which helps you generate strong, randomized passwords. If you need help choosing one, check out our comparison of 1Password, Dashlane and LastPass.
Monitor your credit reports
Photo credit: 401kcalculator.org via Flickr
Now that your social security number is in the hands of hackers, you’ll have to be diligent about checking your credit score. An exposed social security number leaves you vulnerable to identity theft whereby thieves can sign up for credit cards and loans in your name that will mar your credit score.
Under federal law, you are entitled to one free credit report per year from AnnualCreditReport.com, which is powered by credit reporting companies like Equifax, Experian and TransUnion. If you’ve already requested a free credit report this year, you can pay a company to send you a full report.
Anthem promises to provide free credit monitoring and identity theft protection for all affected members. The company hasn’t started providing these services yet but affected members will receive info in the mail about how to sign up.
Beware of phishing
Photo credit: Microsoft
After every high profile data breach, hackers looking to capitalize on the panic will send out fake emails or create fake sites to steal people’s information. Be aware of phishing emails disguised as legitimate communications from Anthem or other healthcare providers.
If an email looks suspect, don’t click on any of its links and contact your health insurance provider directly over the phone. Typos, sensationalist call to actions and disguised links are dead giveaways for phishing emails.
Create secret email addresses for sensitive accounts
AVG’s Head of Free Products, Tony Anscombe, recommends creating secret email addresses for sensitive accounts.
“Moving forward, avoid using the same email address or identity across multiple online accounts. For example, have a primary email address used for recovery of forgotten passwords and account information. Have a secondary email address for offline and online retail transactions. Have a third for financial accounts and sensitive information.”
This is smart advice as hackers will have a tough time cracking your account if they don’t even know which email address you’re using. Sure, it’s annoying to have to manage multiple emails but most password managers will make this easy.
2014 was marked by an increase of high profile hacks and it’s not going to slow down. Use these tips to build up a wall around your personal information for the next inevitable hack.
For more tips about how to protect your personal information, check out my article about how to protect your online identity.
Follow me on Twitter: @lewisleong