78.8 Million Records Exposed: How Did the Anthem Data Breach Happen

Posted on by David Lukic in Data Breaches August 21, 2020
https://content.infopay.net/storage/thumbnails/7xJr5JPDjrseJQBXVbbiEOVIqPPC40SeONtRo9bT.jpg

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. What started out as a phishing email, ended in disaster. A user at an Anthem subsidiary downloaded an attachment from a scam email, and that allowed the hackers to gain access to Anthem’s database of information. After a lengthy investigation by third-party security experts, the hacking incident was pointed towards a rival nation. Even your private insurance information is not safe these days! Government-backed data breaches are the most difficult to find and control because they are fueled by substantial resources and funding, which is why Anthem's data breach is a special case. Government sources have hinted that China was behind this attack. Along with the personal records, more than 80 million company records were also breached containing names, birthdays, medical IDs, social security numbers, home addresses, email addresses, employment data, and income sources.


This single data breach spiraled into other Anthem brands, including Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, UniCare, and Healthlink. Anthem assures customers that no medical or financial data was stolen, just personally identifiable information. 

When Was the Anthem’s Cyber Attack?

The Anthem data breach took place during the weeks before February 4, 2015. The breach was discovered quickly, and Anthem responded rapidly, encrypting and protecting the remaining data and formulating a response plan and further safeguards for the future. 

How to Check if Your Data Was Breached

Anthem does not have a website where you can check to see if your data was breached by this hacking event. However, the settlement website does offer some links and phone numbers. However, the deadline to file a claim was July 19, 2018, and has already passed. 

What to Do if Your Data Was Breached

If you believe you were affected by Anthem’s data breach and you were not included in the class action settlement, you do have the option of suing for damages and losses incurred due to identity theft. The settlement deadline has passed. However, you can contact the correct department by mail at the address below: 

In re Anthem, Inc. Data Breach Litigation

P.O. Box 404012

Louisville, KY 40233-9821

Another way to perform an Anthem data breach check is to use IDStrong to scour the internet to see if your information appears to be stolen or used in unfamiliar places and for credit monitoring. 

The Anthem’s Data Breach Settlement and Lawsuit

Actually, there were two lawsuits. The federal government sued Anthem for allowing the breach to occur and for not adequately protecting citizens’ information. Anthem paid out a $16 million settlement to the federal government as a penalty for Anthem data breach.

Additionally, there was a significant class-action lawsuit and a website explaining all the details for litigants. Anyone affected was able to file a claim and receive credit monitoring and fraud resolution service for four years. Those customers whose identity was stolen and resulted in losses could also receive cash payouts. There were no flat fee payouts for all other litigants. 

Anthem data breach

Can My Personal Information From Anthem Security Breach Be Used for Identity Theft?


Even basic information like name, home address, social security number, and date of birth can be used to steal your identity. Unfortunately, the data stolen in this breach ended up in the dark web and fell into the hands of various cybercriminals. You cannot be too careful when protecting against identity theft. 

How To Protect Your Identity

As a matter of regular practice to protect yourself against identity theft and fraud follow these tips below:

  • Always keep your computer antivirus software updated and run scans frequently.

  • Change passwords to banking and credit card websites often and use only long complex passwords.

  • Watch out for phishing or scam emails that look legitimate, but the “from” address is strange, or the links take you to sites that are not real.

  • Never give out your personal information to anyone unless you know them well or initiated the action.

  • Monitor bank and credit card statements to look for any suspicious activity.

  • Review your credit report and consider a credit freeze to protect against anyone using your identity to open new accounts.

The best tool at your disposal when protecting yourself is common sense. Verify everything before you click a link or download anything you receive in email.

Check Your Records For Breaches, Leaks, & Exposures

About the Author
IDStrong Logo

Related Articles

412 Million Accounts Exposed in Adult FriendFinder Breach: The Aftermath

Six databases that were owned by FriendFinder Networks, Inc. suffered a massive data breach in 2016, whic... Read More

The Anatomy Of Amazon Data Breach Explained

Along with being an online merchant, Amazon also supplies cloud servers to some heavy hitters in the fi... Read More

What is an Accidental Web Exposure and How To Prevent It

Data breaches take many forms, and one of them is through accidental web exposure. Millions of people are... Read More

The Saga of T-Mobile Data Breach

T-Mobile Data Breach incident occurred many times. Once from September 1, 2013, and September 16, 2015 ... Read More

You may already be a victim of Identity Theft
Scan Your Records for Breaches, Leaks & Exposures!