On Thursday, I had this exchange with @dapnwmomster on Twitter:
@PogoWasRight Many Anthem customers had their info used by hackers filing false tax returns – the identity protection they provided FAILED.
— Wendy G (@dapnwmomster) July 9, 2015
@dapnwmomster I’m not sure how plaintiffs can prove the info used in fraudulent filings was from Anthem given numerous other breaches.
— Dissent Doe (@PogoWasRight) July 9, 2015
Today, J.K. Wall has a report on Indianapolis Business Journal that pretty much reiterates what I had suggested: Anthem continues to claim that there is no evidence of ID theft due to their breach, and it’s going to be challenging for plaintiffs’ attorneys to show that any fraud was due to that breach. Wall starts out by reporting:
Anthem Inc.’s massive data breach reported early this year is now generating real cases of identity theft, according to allegations in a small but growing number of lawsuits filed across the country.
Twenty-six people who have sued the Indianapolis-based health insurer claim they were victims of fraud, with most saying fraudulent tax returns were filed in their names using information obtained from Anthem. It had 78.8 million current and former customers’ records stolen by hackers from Dec. 10 to Jan. 27.
And right there is the first thing that would make me suspicious: why would there be only 26 cases of fraud if 80 million people’s information stolen for criminal purposes? I’d expect a lot more. A lot. Much more than the “hundreds more” one attorney suggests will join the law suit.
But Anthem maintains it’s not the source of its customers’ troubles. That’s based on weekly reports it receives from the FBI, which is checking the black market to see if anyone is selling information from the Anthem hack.
“As part of the ongoing investigation regarding Anthem’s cyber attack, the FBI has been routinely monitoring for fraudulent activity related to this incident,” Anthem spokeswoman Kristin Binns wrote in an email. “Despite allegations to the contrary, there is no evidence that the cyber attackers have shared or sold any individuals’ data; and there is no evidence that fraud has occurred against any individuals who could have been impacted.”
Even if people suspect or believe that the Anthem breach is responsible for any woes they or their minor children have experienced, connecting the dots from the breach to the problems will be a serious hurdle in litigation.
Read more on the Indianapolis Business Journal.