15 MARCH 2015


A number of U.N. retirees were concerned that information about a cyber attack on the U.N. Health Insurance server was posted only on the U.N. Intranet, a service which is not accessible to U.N. retirees. They wondered whether the Association of Former Civil Service (AFICS) was aware of what happened and if so why did it not notify retirees. Eventually, AFICS did. Their original internal note was addressed to all staff members covered under the Empire Blue Cross medical insurance plan.

It indicated that the U.N. Health and Life Insurance Section became aware that Anthem, Inc., the parent company of Empire Blue Cross Blue Shield, was the victim of a highly-sophisticated cyber attack. Anthem has informed the United Nations that its member data was accessed, and could include that of United Nations staff members and retirees. They are working closely with Anthem to better understand the impact on UN members. Here is what they do know:

  • Once Anthem determined it was the victim of a sophisticated cyber attack, it immediately notified US federal law enforcement officials and shared the indicators of compromise with HITRUST, an alliance of health insurance organizations that deal with security of sensitive and/or regulated data.
  • Anthem's Information Security has worked to eliminate any further vulnerability and to secure all of its data.
  • Anthem immediately began a forensic IT investigation to determine the number of impacted consumers and to identify the type of information accessed. The investigation is still taking place.
  • The information accessed includes member names, member health ID numbers/Social Security numbers, dates of birth, addresses, telephone numbers, email addresses and employment information, including income data. Social Security numbers were included in only a subset of the universe of consumers that were impacted. Please note that the UN does not share any Social Security numbers or income data with Empire Blue Cross.
  • Anthem's investigation to date shows that no credit card or confidential health information was accessed.
  • Anthem has advised us there is no indication at this time that any of our clients' personal information has been misused.
  • All impacted Anthem members will be enrolled in identity repair services. In addition, impacted members will be provided information on how to enroll in free credit monitoring.

The U.N. Health and Life Insurance Section is continuing to work closely with Anthem to better understand the cyber attack and the impact on U.N. staff and retirees. Anthem has created a website -, and a hotline, 1-877-263-7995, for its members to call for more information, and shared Frequently Asked Questions (FAQs) that further explains the cyber attack and may address your concerns.

The U.N. Health and Life Insurance Section will continue to keep you updated on Anthem's ongoing investigation.