DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Rogue insiders can go undetected for a long time….

Posted on July 28, 2017 by Dissent

So how are you determining if your Business Associate or vendor has a rogue employee who may be stealing or misusing your patients’ protected health information?  A notification from Anthem regarding an incident that affected more than 18,000 Medicare members in 21 states is a timely reminder that out of sight cannot mean out of mind or out of audit/logging….

LaunchPoint Ventures LLC (LaunchPoint) recently discovered an event which may affect the security of personal information of Anthem companies and subsidiaries (“Anthem”) Medicare members. LaunchPoint provides insurance coordination services to Anthem. On April 12, 2017, LaunchPoint, learned that one of its employees was likely involved in identity theft related activities. LaunchPoint hired a forensic firm to investigate. On May 28, 2017, LaunchPoint learned that some other, non-Anthem data, may have been misused by the employee. LaunchPoint then learned the employee emailed a file with information about Anthem companies’ members to his personal email address on July 8, 2016. This action violated LaunchPoint’s policies. The investigation is on-going. LaunchPoint does not know if the email was related to a legitimate work purpose.

On June 12, 2017, LaunchPoint confirmed the file included the Protected Health Information (“PHI”) of Anthem members and reported the incident to Anthem on June 14, 2017. LaunchPoint does not have any information to suggest that the data on the file was misused. The personal information on the file primarily included Medicare ID numbers (HICN) which includes a Social Security number, Health Plan ID numbers (HCID), Medicare contract numbers, and dates of enrollment. A very limited number of last names and dates of birth were also included. LaunchPoint is in the process of contacting these individuals.

LaunchPoint has terminated the employee, hired a forensic expert to investigate, and is working with law enforcement. The employee has been incarcerated and is under investigation by law enforcement for matters unrelated to the e-mailed Anthem file. LaunchPoint is reinforcing existing policies and protocols and is evaluating additional safeguards to prevent any similar incidents from occurring in the future.

LaunchPoint is providing those impacted with information on how to better protect against potential identity theft and fraud, as well as access to two years of credit monitoring and identity theft restoration services with AllClear ID at no cost. For information on how to enroll in the credit monitoring services, please call the toll- free dedicated assistance line at 1-855-836-1563. This toll-free line is available Monday through Saturday, from 8:00 am to 8:00 pm CDT, excluding major national holidays.

It is important that individuals impacted routinely review statements from their accounts and from time to time get their credit report from one or more of the national credit reporting companies. An individual may get a free copy of their credit report annually in these ways:

  •   Online at annualcreditreport.com
  •   Call toll-free 1-877-322-8228
  •   Mail an Annual Credit Report Request Form (forms are on the website at annualcreditreport.com) to:

    ANNUAL CREDIT REPORT REQUEST SERVICE PO BOX 105281
    ATLANTA GA, 30348-5281

    Individuals also may get a copy of their credit report from one or more of these three national credit reporting companies:

Equifax

PO BOX 740241 ATLANTA GA 30374-0241 1-800-685-1111 equifax.com

Experian

PO BOX 9532 ALLEN TX 75013 1-888-397-3742 experian.com

TransUnion

PO Box 2000 CHESTER, PA 19022 800-916-8800 transunion.com

To place a credit freeze with one or more of the three national credit reporting companies, please contact the company below:

###

Anthem Media Contact
Gene Rodriguez, 317-488-6168 or 317-677-5946 [email protected]

Related posts:

  • Transparency #FAIL: Why won’t Anthem/Elevance Health answer a simple question about breaches?
  • Victims of W-2 phishing scams (2017 list)
  • Is Anthem screwing dependents of former members on breach notification? (update 2: No)
  • TX: Statement and Frequently Asked Questions about the 2018 ERS OnLine Security Incident
Category: Health DataID TheftInsiderOf NoteSubcontractorU.S.

Post navigation

← Seagate To Settle Phishing Scam With $5.75M In-Kind Deal
Researcher: Metadata the ‘most potent weapon’ against critical infrastructure security →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.