, , , ,

Anthem logoAnthem has no shortage of registered trademarks.  If you’re not familiar with them, before yesterday’s announced breech of 80 million personal records, you might know them as BlueCross BlueShield.  Or WellPoint, which they recently acquired.  What do you suppose their brand logo will be worth three months from now?  The prevailing consensus after every corporate breech is that the company’s equity value will dive.  Oftentimes it does.  Usually though for far much less than twelve months, and then it recovers.  Target was an exception, not because customers remember the compromise of their credit card data, but for their fundamentals and managerial fubars.  Rather than pilot a few outlets in Canada, they went all-in.  And failed.  Spectacularly.  I have this sense that Anthem might be the first to not recover their brand from a cyber attack.  I suspect I might feel this way because I’m pissed.  They stored my records.  Unencrypted!  Freakin’ idiots!

I’m not being mean.  Anthem is negligent in their compliance to the Health Insurance Portability and Accountability Act (HIPAA).  This isn’t some newly erected Obama healthcare thing.  This regulation is nearly twenty years old.  The guidelines for Protected Healthcare Information (PHI) include much of what is considered Personally Identifiable Information (PII), which in turn includes social security numbers.  I was tempted there to include the abbreviation for social security numbers but understand I’ve already drowned you in alphabet soup.  The government might only fine Anthem a few million dollars, but I have to believe a class action lawsuit should be expected.

On a more constructive, non-litigious note, what should we do about this?  The best advice I’ve seen so far is to place a security freeze on my credit reports with the three major players, Equifax, Experian and TransUnion.  Of course, dealing with these firms has got to be painful.  Placing a security freeze on my credit reports is essentially what LifeLock does.  Having just completed feezing my reports on all three online, I’m not sure I would mind paying LifeLock $19.99 per month.  The process actually went quite well with Experian and TransUnion.  A few minutes per site.  Equifax though did not print out my pin code which I will need to remove the freeze when I need access to my credit reports.  And trust me, contacting them is virtually impossible.  With that said, their customer service number is 800-829-4577 and their direct security freeze number is 888-298-0045.  These are non automated, real person answers the phone numbers.  I finally got through and was able to get a pin.  The websites to freeze your credit reports are:

Equifax  https://www.freeze.equifax.com/

Experian:  https://www.experian.com/freeze/center.html

TransUnion:  http://www.transunion.com/securityfreeze

I think it was free for me to place these freezes.  This varies per state.  I suspect it will cost me $10 or so to remove the freeze.  Maybe not but there is a temporary removal called a lift that will likely cost money.  There is an option to mail them a letter describing myself a victim of the Anthem breech that would waive any fees.  I don’t have the patience for that.  Wish me luck with this.  And if you’re one of the 80 million, good luck to you.