14 DAY TRIAL // Personal information of some employees from American Apparel may have been compromised in the data breach at Anthem, the second largest health insurer in the US.
Reported at the beginning of February, the incident is likely to echo over a long period of time since the insurer offered policies to numerous companies in the US.
The situation may change by the end of the investigation
American Apparel received this information from Anthem, who relies on data resulting from an initial stage of the investigation into the matter. There is nothing certain at the moment as more solid clues have to emerge.
If evidence to dismiss this early piece of data does not occur, the information accessed without authorization includes names, dates of birth, member ID/social security numbers, addresses, phone numbers, email addresses and employment information.
Craig Simmons from American Apparel human resources department says in a letter to potentially affected individuals that the situation may change by the time the investigation completes.
Currently, the individuals impacted have not been identified and this information will be passed to all parties affected as soon as it becomes available.
Beware of fake messages claiming to be from Anthem
In the meantime, Simmons warns about scammers trying to obtain sensitive information, financial in nature, by contacting the individuals directly, via phone calls or email messages and claiming to be from Anthem.
Affected people should be aware that the health insurer’s official communication is done via regular postal US mail; but it will also send emails to those that provided an address to deliver details about the measures taken in the wake of the cyber-attack.
Also, email communication can include information about the complimentary subscription to an identity protection service Anthem offers to all impacted members for a period of two years.
The company discloses a set of fraud prevention tips on a website specifically set up for this purpose. Recommendations include refraining to supply sensitive details or reply to senders of suspicious messages. Also, any attachment appended to such communication should not be opened. One clue to recognize a scam is that Anthem will never request such data.