Local public employees affected by data breach

In the wake of a data breach that impacts 80 million Anthem insurance policy holders across the country, including 3 million in Virginia, the commonwealth’s attorney general’s office is asking Virginians to be cautious with their own activities and to keep an eye on their credit ratings.

The cyber attack, which was announced by Anthem on Wednesday, compromised sensitive insurance data, such as policyholder names, their insurance number, Social Security numbers, birth dates, addresses, telephone numbers, email addresses and employment information.

Anthem is the largest insurance provider in Virginia, facilitating health insurance for public and private sector employees throughout the commonwealth.

Michael Kelly, a public relations specialist for the attorney general, said following the announcement of the breach in media outlets, the company will release a “notice of data breach.”

“The notice will come to our office and basically spell out how many people in the state may be affected and any services the company is offering to mitigate the risk and the damage,” Kelly said.

Last year, the attorney’s general office received 305 database breach notifications, ranging from highly sophisticated hacks like the Anthem breach, to lost laptops and USB drives. Kelly said prosecuting perpetrators of data breaches is a tough task.

“It is difficult to combat because these attacks are sophisticated and conducted by people who know what they are doing and are generally outside of the United States,” Kelly said. “From the attorney general’s seat, it’s tough to go after a hacker somewhere in say, Eastern Europe.”

Anthem is working with federal law enforcement officials to apprehend the culprits and to pinpoint how the breach occurred.

In Virginia, many county, town and city governments use Anthem Blue Cross Blue Shield of Virginia through the Local Choice health insurance plan. Among those localities, Shenandoah and Warren County public employees are engaged in that system. Employees in those counties were notified via email about the breach Thursday.

Evan Vass, Shenandoah County assistant county administrator, said about 270 employees, not counting their spouses or children, were affected by the breach. Vass said the county circulated an email to employees detailing information about the breach and who to call about questions and concerns. The county also contacted its Anthem representative for updates.

Vass said the data breach is one of the risks of living in a digitized age.

“We live in a world where there’s a lot of sensitive information that can potentially be impacted by hackers that are able to breach data security,” Vass said. “I think this is not just a local concern, but a national concern as well.”

Jodi Spittler, human resources manager for Warren County, said about 240 employees, not counting their family members, enrolled in the plan were affected by the breach. She said the county also alerted its employees with information provided by its Anthem representative.

Spittler said the county can only do so much with the breach, but she is confident Anthem is handling it well.

“Anthem has the lock on this market around here … they have the best network, so it’s scary, but it sounds like they’re doing everything they can to stop the bleeding with the breach,” Spittler said.

The Shenandoah and Warren County school systems, which also use Anthem, circulated emails to employees, officials with each district said. Officials in both counties and school systems said this is the first time they have seen public employee data compromised on this scale in their localities.

Members in Anthem’s coverage can visit www.anthemfacts.com or call 1-877-263-7995 for more information on the data breach. The attorney general’s office offered the following tips to citizens to avoid becoming a victim of identity theft on the Internet.

• Use at least eight characters in a password, with a mixture of letters, symbols and numbers and a variety of cases.

• Install anti-virus software on the computer, scan files and emails regularly, install a firewall and check for regular system updates.

• Never download software programs from unknown publishers.

• Back up all information with a USB drive.

Contact staff writer Henry Culvyhouse at 540-465-5137 ext. 184, or hculvyhouse@nvdaily.com