43 states, including Mississippi, have been awarded a combined 39.5 million dollars following a 2014 data breach at Anthem, a health insurance provider.
The cyberattack exposed the personal information of nearly 79 million Americans, including 164,216 Mississippians. Attorney General Lynn Fitch says Mississippi will receive nearly $197,000 from the settlement with Anthem. Fitch said, in addition to the payment, the company has agreed to a series of data security and good governance provisions designed to strengthen its practices going forward.
“As we all become more dependent on the vast and ever-expanding digital infrastructure, we must also be vigilant in keeping Americans safe by combatting cybercrime and cyber-enabled threats,” said Attorney General Lynn Fitch. “The Anthem cyberattack impacted tens of millions of Americans, releasing their sensitive and personal information to malicious actors on the dark web. This settlement reaffirms my commitment to hold companies accountable in their implementation and execution of strong security practices and their duty to protect users’ personal information.”
In February 2015, Anthem disclosed that cyber attackers had infiltrated its systems beginning in February 2014, using malware installed through a phishing email. The attackers were ultimately able to gain access to Anthem’s data warehouse, where they harvested names, dates of birth, Social Security numbers, healthcare identification numbers, home addresses, email addresses, phone numbers, and employment information for 78.8 million Americans.
Following the breach, Anthem offered an initial two years of credit monitoring to all individuals impacted in the U.S. In addition to this settlement, Anthem previously entered into a class action settlement that established a $115 million settlement fund to pay for additional credit monitoring, cash payments of up to $50, and reimbursement for out-of-pocket losses for affected consumers. The deadlines for consumers to submit claims under that settlement have since passed.
The Connecticut Office of the Attorney General led the multistate investigation, assisted by the Attorneys General of Illinois, Indiana, Kentucky, Massachusetts, Missouri, and New York, and joined by the Attorneys General of Alaska, Arizona, Arkansas, Colorado, the District of Columbia, Delaware, Florida, Georgia, Hawaii, Idaho, Iowa, Kansas, Louisiana, Maine, Maryland, Michigan, Minnesota, Mississippi, Nebraska, New Hampshire, New Jersey, Nevada, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, Tennessee, Texas, Virginia, Washington, West Virginia, and Wisconsin.