For immediate release                                                            THURSDAY, FEBRUARY 5, 2015

HARTFORD – Attorney General George Jepsen and state Department of Consumer Protection Commissioner Jonathan A. Harris are asking Anthem Inc. for more information about a reported data breach that may have compromised personal information of its customers across the state.

The Indiana-based health insurer has released information on the data breach indicating that hackers had breached its computer system and the personal information of tens of millions of current and former enrollees and employees across the country was possibly at risk.

“I am deeply concerned about this massive data breach," Attorney General Jepsen said. "While my office has not received official notification from Anthem as of yet, we became aware of the breach late yesterday afternoon, and I immediately opened an investigation. This morning, I sent a letter to Anthem requesting information about the security measures the company had in place prior to the breach, the circumstances that led to discovery of the breach and the measures Anthem is taking to ensure this sort of attack will not happen again."

“This data breach is very troubling,” Commissioner Harris said. “Anthem, like all health insurance companies, has access to extremely sensitive health and personal information and therefore has the immense responsibility to protect that information from unlawful disclosure. That there is any vulnerability in the corporation’s record management system is cause for real concern and must be corrected.”

In a letter sent this morning to the company’s chief executive officer, Attorney General Jepsen asked that all affected patients in Connecticut be provided with two years of credit monitoring services, identity theft insurance, and reimbursement for the costs associated with placing and lifting security freezes.

"Given the sensitive personal information that Anthem has disclosed was compromised in this breach – including Social Security numbers, with corresponding names and addresses – I am asking the company to provide two years of free identity theft protection and credit monitoring to affected individuals, instead of one," the Attorney General said. "Breaches in security like this one put innocent consumers at significant risk of financial and reputational harm, and those affected deserve adequate protection.”

Attorney General Jepsen and Commissioner Harris are advising all Connecticut residents who may be affected by the breach to report any suspicious activity on their credit report or other financial accounts to law enforcement authorities immediately. Suspicious activity can also be reported to the Office of the Attorney General's Privacy Task Force by emailing attorney.general@ct.gov or calling 860-808-5318.

Connecticut residents with immediate questions about the breach should visit http://www.anthemfacts.com/.

Assistant Attorneys General Michele Lucan and Thomas Ryan, of the Attorney General’s Privacy Task Force, and Matthew Fitzsimmons, chair of the Task Force, are assisting the Attorney General with this matter.

Please click here to view the Attorney General’s letter to Anthem.

###

Media Contacts:

Office of the Attorney General:
Jaclyn M. Falkowski
Jaclyn.falkowski@ct.gov
860-808-5324 (office)
860-655-3903 (cell)

Department of Consumer Protection:
Claudette Carveth          
claudette.carveth@ct.gov
860-713-6022 (office)