Health insurer Anthem is warning Maine residents potentially affected by the cyberattack announced Wednesday to beware of email scams targeting them.
The emails, designed to steal personal information from current and former Anthem customers, resemble official correspondence from the company, Anthem said in a statement Friday. The emails include a “click here” link for credit monitoring.
Anthem warned consumers not to click on links in the emails, reply or contact the senders in any way; supply information through a website that may open through a link in the email; or open any attachments.
“Anthem Blue Cross and Blue Shield in Maine is not calling members regarding the cyberattack and is not asking for credit card information or Social Security numbers over the phone,” the statement said. “This outreach is from scam artists who are trying to trick consumers into sharing personal data.”
The company said there’s no indication the as-yet unidentified culprits behind the cyberattack are sending the fraudulent emails or that the email scammers are using information accessed in the attack.
“Anthem will contact current and former members through mail delivered by the U.S. Postal Service about the cyberattack with specific information on how to enroll in credit monitoring,” the statement said. “Affected members will receive free credit monitoring and ID protection services.”
Personal information belonging to at least 300,000 Maine residents is at risk after hackers launched the massive cyberattack, breaching a database containing data on up to 80 million people, according to the company.
Anthem disclosed the attack late Wednesday, saying it suspected hackers had stolen information belonging to tens of millions of current and former customers as well as employees.
Anthem said in a statement that names, birthdays, Social Security numbers, street addresses, email addresses and employment information, including income data, were accessed in what it described as a “very sophisticated attack.” The breach did not appear to involve medical information or financial details, such as credit card or bank account numbers.
Anthem is Maine’s largest private health insurer, with about 312,000 members across the state. The company provides coverage to small and large businesses in Maine, as well as to individuals.
Rory Sheehan, a spokesman for Anthem in Maine, could not provide an estimate Thursday on the number of Mainers potentially affected by the breach, including past customers. Primary policyholders and family members covered through Anthem plans could be affected, he said.
Additional information about the cyberattack on Anthem is available at AnthemFacts.com. For more information on recognizing scam email, visit the Federal Trade Commission website at consumer.ftc.gov/articles/0003-phishing.
