Anthem may face damage control costs of more than $100 million after a cybersecurity attack exposed the information of about 80 million of its current and former customers.
The company has a cyberinsurance policy through American International Group that will cover losses of up to $100 million, according to an article at ZDNet. However, with a breach as large as the one Anthem faces, that may not be enough, according to the article.
In comparison, another breach, at Community Health Systems last year, was estimated to cost between $75 million and $150 million; that one exposed 4.5 million patients' data in 29 states.
A chunk of the costs Anthem faces will come from outreach to consumers. The payer says it plans to reach out to all 80 million current and former customers affected, in addition to launching a hotline people can call with questions and concerns, ZDNet reports.
However, the company also is facing criticism regarding those efforts from attorneys general in nine states. The AG for Connecticut wrote a letter this week to Anthem expressing "alarm at the failure of the company to communicate with affected individuals and, in particular, to provide them details about the protections the company will make available and how to access those protections."
Other states supporting the letter include: Arkansas, Illinois, Kentucky, Maine, Mississippi, Nebraska, Nevada, Pennsylvania and Rhode Island.
Anthem faces a long road to recovery, but CEO Joseph Swedish remains confident. In an email to the Los Angeles Times, he said: "It's my view that how we engage with our members and customers in difficult times truly defines our relationship with them. We will continue to do everything in our power to make our systems and security processes better and more secure. Our primary goal is to earn back their trust and confidence in Anthem."
The information accessed by the hackers includes names, birthdays, addresses, email addresses, employment information and Social Security/member identification numbers.