Sedona.Biz – The Voice of Sedona and The Verde ValleySedona.Biz – The Voice of Sedona and The Verde Valley
    Sedona.Biz – The Voice of Sedona and The Verde Valley Sedona.Biz – The Voice of Sedona and The Verde Valley
    • Home
    • Sedona
      • Arts and Entertainment
      • Bear Howard Chronicles
      • Business Profiles
      • City of Sedona
      • Elections
      • Goodies & Freebies
      • Mind & Body
      • Sedona News
    • Opinion
    • Real Estate
    • About
    • The Sedonan
    • Advertise
    • Sedona’s Best
    Sedona.Biz – The Voice of Sedona and The Verde ValleySedona.Biz – The Voice of Sedona and The Verde Valley
    Home»Arizona»Anthem to Pay $39.5 Million in Multistate Settlement over 2014 Data Breach
    Arizona

    Anthem to Pay $39.5 Million in
    Multistate Settlement over 2014 Data Breach

    October 1, 2020No Comments
    Facebook Twitter Pinterest LinkedIn Email Reddit WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email Reddit WhatsApp

    Attorney General of the State of ArizonaPhoenix AZ (October 1, 2020) – Attorney General Mark Brnovich today announced that Anthem, Inc. has agreed to pay Arizona over $280,000 to resolve allegations stemming from a 2014 data breach that involved the personal information of 78.8 million Americans. The settlement with the Arizona Attorney General’s Office (AGO) is part of a $39.5 million settlement with 43 total states and the District of Columbia. In addition to the payment, Anthem has also agreed to a series of data security and good governance provisions designed to strengthen its practices going forward.

    In February 2015, Anthem disclosed that cyber attackers had infiltrated its systems beginning in February 2014, using malware installed through a phishing email. The attackers were ultimately able to access Anthem’s data warehouse, where they harvested names, dates of birth, Social Security numbers, healthcare identification numbers, home addresses, email addresses, phone numbers, and employment information for 78.8 million Americans. In Arizona, over 400,000 residents were affected by the breach.
     
    “If a business or a government agency can’t meet their obligations to prevent a data breach or to adequately protect consumers after a breach, they need to be held accountable,” said Attorney General Brnovich. “Attorneys General are working together to use all available laws to ensure companies take the protection of consumer data seriously.”
     
    Under the settlement, Anthem has agreed to a series of provisions designed to strengthen its security practices going forward. Those include

    • Prohibition against misrepresentations regarding the extent to which Anthem protects the privacy and security of personal information;
    • Implementation of a comprehensive information security program, incorporating principles of zero trust architecture, and including regular security reporting to the Board of Directors and prompt notice of significant security events to the CEO;
    • Specific security requirements with respect to segmentation, logging and monitoring, anti-virus maintenance, access controls and two factor authentication, encryption, risk assessments, penetration testing, and employee training, among other requirements, and;
    • Third-party security assessments and audits for three years, as well as a requirement that Anthem make its risk assessments available to a third-party assessor during that term.

    Anthem previously offered two years of credit monitoring to all affected U.S. individuals.

    The $280,000 to Arizona will be used to investigate and pursue other consumer fraud related actions by the AGO, including other data breach investigations.

    Sedona Gift Shop

    In addition to this settlement, Anthem previously entered into a class action settlement that established a $115 million settlement fund to pay for additional credit monitoring, cash payments of up to $50, and reimbursement for out-of-pocket losses for affected consumers. The deadlines for consumers to submit claims under that settlement have since passed.

    In 2018, Attorney General Brnovich worked with the legislature to strengthen Arizona’s data breach consumer protection laws. HB2154 bolstered protections and added notification requirements for victims of a data breach, including: 

    • Expanding the definition of protected “personal information” to include online account credentials, as well as an individual’s name in combination with health insurance or other medical information, passport or taxpayer-identification numbers, or certain biometric data;
    • Requiring that notice to individuals affected by a breach be provided within 45 days after determining that a breach has occurred (whereas existing law provided no definitive deadline);
    • Clarifying the necessary content and available delivery methods for notifications to consumers;
    • Requiring notification to the three largest consumer reporting agencies for any breach involving more than 1,000 individuals;
    • Increasing the maximum civil penalty for a knowing or willful violation of the statute from $10,000 per breach to $500,000 per breach; and
    • Clearly explaining the Attorney General’s powers in connection with the investigation and enforcement of data-breach matters.

    Other AGO cases regarding data breaches:
    $18.5 Settlement with Target after Data Breach
    First-Ever Settlement in HIPAA Data Breach Lawsuit
    $148 Million Settlement With Uber Over Data Breach
    $10 Million Settlement Premera Blue Cross Data Breach
    $1.5 Data Breach Settlement With Neiman Marcus
    $5.5 Million Settlement with Nationwide Insurance 
    $600 Million Equifax Settlement

    Arizona was joined in the case and settlement by the Attorneys General of Alaska, Arkansas, Colorado, Connecticut, the District of Columbia, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Nebraska, Nevada, New Hampshire, New Jersey, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, Tennessee, Texas, Virginia, Washington, West Virginia, and Wisconsin.

    Healing Paws

    This is an advertisement

    Comments are closed.

    If I Were Curtis Sliwa
    By Tommy Acosta

    One of my guilty little pleasures is imagining what I would do if I was in someone else’s shoes, especially politicians. In this essay I would love to jump into the shoes of Curtis Sliwa, a former New York City vigilante who founded the Guardian Angels and is now running as a Republican for mayor of his city.

    Read more→

    The Sedonan
    House of Seven Arches
    Need More Customers?
    Bear Howard Chronicles
    Humankind
    Tlaquepaque
    Verde Valley Wine Trail
    Recent Comments
    • Jill Dougherty on Cottonwood, Verde Valley Residents Join Largest Protest Yet to Reject Abuses of Power
    • JB on Film Festival presents ‘Good Morning, Vietnam’ outdoors under the stars July 3
    • JB on Between Bombs and Olive Branches: The Art of the Deal
    • JB on If I Was Curtis Sliwa
    • Mark Harris on The Attics of Conscience — What Could Soon Happen in Sedona and Across America
    • Daniel J Sullivan MDJD on If I Was Curtis Sliwa
    • Jill Dougherty on If I Was Curtis Sliwa
    • Blue on Between Bombs and Olive Branches: The Art of the Deal
    • Blue on The Attics of Conscience — What Could Soon Happen in Sedona and Across America
    • Charles H Blum on License to Spy
    • TJ Hall on If I Was Curtis Sliwa
    • JB on If I Was Curtis Sliwa
    • Stephanie lenore Maciel on The Attics of Conscience — What Could Soon Happen in Sedona and Across America
    • Michael Schroeder on The Attics of Conscience — What Could Soon Happen in Sedona and Across America
    • Michael Schroeder on License to Spy
    Archives
    The Sedonan
    © 2025 All rights reserved. Sedona.biz.

    Type above and press Enter to search. Press Esc to cancel.