Your health insurance company has a lot of sensitive information about you. Medical records, Social Security numbers, and your home address are just a few things they have on file.
We expect them to keep that information safe. Unfortunately, one of the largest U.S. insurance providers was recently the victim of a massive data breach. Your information could be at risk.
Has your personal data been breached?
We're talking about health insurance provider Anthem. Its Medicare insurance coordination services vendor, LaunchPoint Ventures, recently discovered a data breach that impacts nearly 20,000 Medicare members.
LaunchPoint learned earlier this year that an employee was possibly involved with activity related to identity theft. After an investigation, it found that the employee had emailed a file containing members' sensitive data to his personal email address. It's possible that the suspect sold the data on the Dark Web, exposing thousands of members' critical information.
The stolen data includes:
- Medicare ID numbers - this includes the members' Social Security numbers
- Health plan ID numbers (HCID)
- Phone numbers
- Dates of birth
- Dates of enrollment
The employee who sent the file has since been terminated. LaunchPoint is working with law enforcement and the investigation is ongoing.
All affected customers should receive a letter from LaunchPoint, notifying them of the data breach. They will also receive access to two years of credit monitoring and identity theft restoration services at no charge.
In the meantime, you should take a look at your credit report to see if there is any suspicious activity. If you think that you're a victim of identity theft, click here to report it to the FTC.
What you need to do after a data breach
- Check your credit report - Your credit report should show if you have been the victim of identity theft. Click here to learn how to check your credit report for free.
- Keep an eye on your bank accounts - You should already be frequently checking your bank statements, looking for suspicious activity. It's even more critical when critical information has been exposed through a data breach. If you see anything that seems strange, report it immediately.
- Set up two-factor authentication - Two-factor authentication, also known as two-step verification, means that to log into your account, you need two ways to prove you are who you say you are. It's like the DMV or bank asking for two forms of ID. Click here to learn how to set up two-factor authentication.
- Investigate your email address - Have I Been Pwned is an easy-to-use site with a database of information that hackers and malicious programs have released publicly. It monitors hacker sites and collects new data every five to 10 minutes about the latest hacks and exposures.
- Change your password - Whenever you hear news of a data breach, it's a good idea to change your account passwords. Read this article to help you create hack-proof passwords.
- Close unused accounts - Here's an easy way to manage all of your online accounts at once.
- Beware of phishing scams - Scammers will try and piggyback on data breaches like this. They will create phishing emails, pretending to be from the affected company, hoping to get victims to click on malicious links that will lead to more problems. Take our phishing IQ test to see if you can spot a fake email.
- Manage passwords - Many people use the same username and password on multiple sites. Bad idea. If you're using the same credentials on multiple sites, change them to make them unique. If you have too many accounts to remember, you could always use a password manager.