Anthem Inc., the second-largest healthcare company in the United States, reported a data breach on February 4. The company, which operates plans such as Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Amerigroup, and Healthlink, said that hackers gained access to its database with a phishing scam that appropriated the credentials of five Anthem employees. They stole information from as many as 80 million of its customers and employees. Compromised data includes personal information such as names, birthdates, Social Security numbers, addresses, and more. The company is offering free identity theft protection to affected individuals for the next two years.
This is the largest data breach reported by a healthcare company to date, and it follows in the wake of large breaches in 2014. Target reported a breach that affected as many as 110 million debit and credit cards and customer information; J.P. Morgan had a breach that compromised the information of 76 million customers; and a breach at Home Depot exposed 53 million customer e-mail addresses.