In addition to the over 70 million Anthem customer accounts stolen, Anthem and Blue Cross / Blue Shield had apparently shared some 8 to 18 million patients without patient permission and without a medical or billing need that were also stolen. It's unclear exactly why they were in possession of private data, including names, dates of birth, and Social Security Numbers, of people who were not their customers or whether that would constitute millions of HIPAA violations.
[–] MonitoredCitizen ago (edited ago)
In addition to the over 70 million Anthem customer accounts stolen, Anthem and Blue Cross / Blue Shield had apparently shared some 8 to 18 million patients without patient permission and without a medical or billing need that were also stolen. It's unclear exactly why they were in possession of private data, including names, dates of birth, and Social Security Numbers, of people who were not their customers or whether that would constitute millions of HIPAA violations.
http://www.reuters.com/article/2015/02/24/us-anthem-cybersecurity-idUSKBN0LS2CS20150224