I got your email last night, Joe. Please, call me Geoff.
Safeguarding your personal, financial and medical information is one of our top priorities, and because of that, we have state-of-the-art information security systems to protect your data. However, despite our efforts, Anthem Blue Cross was the target of a very sophisticated external cyber attack. These attackers gained unauthorized access to Anthem’s IT system and have obtained personal information from our current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Based on what we know now, there is no evidence that credit card or medical information (such as claims, test results or diagnostic codes) were targeted or compromised.
Let me cut to the chase. I don’t believe you. I don’t believe safeguarding my info was important to you.
Security doesn’t immediately add to profit. Like electric companies who disregard their infrastructure to save a little, management just hopes the problems don’t come on their watch.
I am a user of Anthem’s computer system. Every step seems hobbled together in a piecemeal fashion. It has never worked correctly for me. When the front facing side of a website is disjointed and confusing my assumption is the back end is worse!
You’re trying to reassure me, “there is no evidence that credit card or medical information (such as claims, test results or diagnostic codes) were targeted or compromised.” However, you’ve provided everything needed so the thieves can get credit cards in my name or even my medical data. Don’t bullshit me.
Some people have pointed out you probably discovered this problem long before you copping to it. Your AnthemFacts.com website was registered in December!
It’s time we had harsh laws to make companies like Anthem, Target and TJ Maxx financially and criminally liable when their inept practices cause harm to consumers. That’s unlikely to happen, but one can dream.
I am constantly prodded to toughen up my passwords or change them on a regular basis. That’s sweet, but futile. Why would any hacker try to break into accounts one-at-a-time when it’s so much easier to just hit you?