Earlier this month, American health insurer Anthem was hit by a massive hack. Now, it's admitted that between 8.8 million and 18.8 million people who are not its customers could also be victims in the attack.
You see, Anthem is part of a national network of independently run Blue Cross Blue Shield (BCPS) insurance plans. The network allows BCBS customers to receive medical services when they're in an area that isn't served by BCBS but by a different company instead.
It's the non-Anthem Blue Cross Blue Shield customers that are potentially affected because "their records may be included in the database that was hacked," the company told Reuters. Up to this point, Anthem hadn't admitted that the effects of the recent hack spread any wider than its direct members.
Anthem has also updated the total of its own customers affected by the hack to 78.8 million customers — down, ever so slightly, from the estimated 80 million. In total, with non-customers included, the tally of those affected could reach as high as 98.6 million. Uncertainty in the total is because 14 million of the records are incomplete, making it difficult for Anthem to link all of its members to the correct plans.
Anthem says that its investigation is ongoing, and that federal and state authorities are also now involved. It's still thought that records included personal information such as names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data.
Anthem will begin contacting customers — and now also non-customers! — affected by the hack. It will, apparently, offer "two years of identity theft repair assistance, credit monitoring, identity theft insurance and fraud detection" according to Reuters, which is something. Now, we just need stop hackers from being able to target the healthcare industry.[Reuters]