Lamar Alexander blasts Anthem for delayed response to data breach affecting 770,000 Tennesseans

March 18, 2015 at 6:48 p.m. | Updated March 19, 2015 at 1:36 p.m.

by Kate Belz

FILE - In this Dec. 3, 2014 file photo, a pedestrian walks past the corporate headquarters of health insurer Anthem, in Indianapolis. Anthem reports quarterly financial results on Wednesday, Jan. 28, 2015. (AP Photo/Darron Cummings, File)
FILE - In this Dec. 3, 2014 file photo, a pedestrian walks past the corporate headquarters of health insurer Anthem, in Indianapolis. Anthem reports quarterly financial results on Wednesday, Jan. 28, 2015. (AP Photo/Darron Cummings, File)
photo In this July 12, 2014 photo, Sen. Lamar Alexander, R-Tenn., takes part in a discussion at the National Governors Association convention in Nashville, Tenn. Early voting is getting underway for Tennessee's primary election that features tea party-styled challenges to Alexander's bid for the Republican nomination to a third term in the U.S. Senate. (AP Photo/Mark Humphrey)

Tennessee Sen. Lamar Alexander sharply criticized leaders of the large insurer Anthem on Wednesday, decrying the company's delayed response to a cyber-attack that affects 770,000 Tennesseans - many of whom may still be unaware their data has been compromised, a report to the senate committee has revealed.

More than a month after a "highly-sophisticated" cyber attack on Anthem was revealed Feb. 4, the majority of the 80 million people affected nationwide have yet to be notified that personal data like social security numbers, birth dates and employer information may have been compromised, said Alexander, who chairs the senate's Health, Education, Labor and Pensions committee, which has investigated the breach.

"This delay is unacceptable and should be corrected immediately," Alexander said in a statement Wednesday.

In a letter to Anthem CEO Joseph Swedish released Wednesday, Alexander and Sen. Patty Murray, D-Washington, said they were "concerned with your slow pace of notification and outreach thus far," and demanded a plan of action from the company by April 1 that will "dramatically increase the pace of notification," the letter stated.

Anthem operates insurance companies in 14 states, including Blue Cross Blue Shield of Georgia - but does not include BlueCross BlueShield of Tennessee. However, Anthem manages thousands of Medicaid programs in Tennessee through its subsidiary, Amerigroup.

About 246,000 TennCare members on Amerigroup, including children, were impacted by the data breach, state officials have said.

Anthem spokeswoman Kristin Binns said the company acted quickly to secure its systems and notify people.

"Within four business days, we established a dedicated website, anthemfacts.com, with answers to frequently asked questions; we sent thousands of emails directly to our members; and made credit protections available to consumers within eleven business days," she said in an email.

The company is offering 24 months of free credit monitoring and theft protection, and has stepped up the pace of mailing notification letters to 2.4 million a day.

Upcoming Events