Home > Identity Theft > The Medical Identity Theft Apocalypse? Fear the Walking Files

Comments 0 Comments

Criminal cyber attacks on healthcare information repositories have increased 125% since 2010. With the announcement of the Excellus breach last week, the total number of big-headline medical information compromises reported in 2015 (such as Anthem, Primera, Carefirst) had crossed the mind-blowing demarcation line of 100 million files.

The Excellus breach exposed the names of clients as well as their dates of birth, Social Security numbers, mailing addresses, telephone numbers, member identification numbers, financial account information and claim information. In terms of the type of information compromised and the amount of it, this most recent mega medical information breach, estimated to affect as many as 10 million consumers, was negligibly smaller than the Premera compromise, which exposed 11 million records. Yet it received nowhere near the same amount of media attention.

The reason is something called breach fatigue. Sure, news of the Excellus breach was a lead story, but if you think about it for a moment, was it the first thing people brought up at the proverbial water cooler the day the news broke? Probably not.

Here’s why the Excellus breach should have had tongues wagging:

  • According to the Identity Theft Resource Center, the medical/healthcare sector accounted for the highest percentage of breaches in 2014 at 42.5%.
  • As discussed in my forthcoming book, Swiped, medical identity theft can be life-threatening. When your personally identifiable information is used by another person to acquire healthcare, your medical history is literally contaminated with the PII, and hence the medical information, of another person. If that mingling of data results in the removal of an allergy or a change of blood type, the result could put your life in jeopardy.
  • If someone gains unauthorized access to your health insurance, you could find yourself in a quagmire should you suffer from the same ailment as the thief and require a particular treatment or medical procedure. Consider how serious that could be if the procedure you need (and can’t get because it’s already been performed on the imposter) happens to be something like bypass surgery, amputation, cancer treatment or any other major intervention.

While you think back to the day the Excellus news broke—there was the talk about the floods in Japan, refugees in Europe, the U.S. Open, the upcoming third episode of “Fear the Walking Dead”—I’m guessing the number of times that particular breach came up was low to nil. That’s fine. We’re not talking about breach fatigue per se. The real issue is that we need to raise and maintain awareness of the threat.

While you reflect upon the non-discussions about last week’s Excellus news, consider how a person might reply to a “Howya doing?” greeting at the water cooler after learning that they have become the victim of medical identity theft. Most likely, they would say something about it. And dollars to donuts, they would say they were in a waking nightmare.

How to Tell If You’ve Been Bit by the Medical ID Theft Zombie

Medical identity theft is hard to detect, and many people still alarmingly do not understand that it’s a real and present danger.

In the first episode of the new AMC show, “Fear the Walking Dead,” it takes a while for Los Angelenos to understand what’s happening, i.e., that the zombie apocalypse has begun. We are in a similar situation with medical identity theft, but in the real-world version, with vigilance on your part, you can better protect yourself.

Here are the telltale signs you’ve been infected.

  1. There is an error on your medical file. While this can happen in the usual way—even doctors make mistakes—it could signal trouble. TIP: Many doctors provide online access to your medical records. If yours does, take advantage of it and make sure the information there is accurate. If you cannot access your file, ask your doctor to read it to you.
  1. You receive phishing emails that refer to your healthcare provider or billing that require personally identifiable information to learn more. TIP: Always look up and call the main number of any entity that requests personally identifiable information. Only authenticate yourself when you are in control of the virtual or telephonic conversation.
  1. You get one-ring phone calls. TIP: If you do not recognize the number, let it go to voicemail. Some fraudsters call your phone number after purchasing your information on the black market to see if your number works (i.e., your file is worth trying to exploit). Never return a one-ring call to ascertain who called, because these can also be scams that trigger a charge on your phone bill.
  1. Your Explanation of Benefits lists a doctor visit you didn’t make or a prescription that wasn’t issued to you. TIP: Read all your mail from healthcare providers, making sure that there is nothing in the correspondence that could point to fraud. If you suspect your information has been used, call your healthcare provider immediately.
  1. You are contacted by a debt collector regarding your failure to pay in a timely manner a doctor, laboratory or medical facility. TIP: Demand that the debt collector provides the details within five days and immediately contact the medical provider and your insurer.
  1. Your credit score takes a sudden dive due to a medical collection that mysteriously appears on your credit report. TIP: You can get a free annual credit report from each of the three major credit reporting agencies (or more frequently, depending on the state where you reside). Schedule time to check those reports for any suspicious items, like collection accounts that might not really belong to you. You can also get a free overview of your credit and two free credit scores from Credit.com, updated every 14 days so you can watch for important changes.

While we may not be looking at a medical identity theft “apocalypse” a la the zombie shows, movies and comics, medical identity theft can definitely feel apocalyptic when you’re the victim. Protect yourself, know the warning signs and you just might stand a chance.

This story is an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.

More on Identity Theft:

Image: Ingram Publishing

Comments on articles and responses to those comments are not provided or commissioned by a bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by a bank advertiser. It is not a bank advertiser's responsibility to ensure all posts and/or questions are answered.

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them.

Hello, Reader!

Thanks for checking out Credit.com. We hope you find the site and the journalism we produce useful. We wanted to take some time to tell you a bit about ourselves.

Our People

The Credit.com editorial team is staffed by a team of editors and reporters, each with many years of financial reporting experience. We’ve worked for places like the New York Times, American Banker, Frontline, TheStreet.com, Business Insider, ABC News, NBC News, CNBC and many others. We also employ a few freelancers and more than 50 contributors (these are typically subject matter experts from the worlds of finance, academia, politics, business and elsewhere).

Our Reporting

We take great pains to ensure that the articles, video and graphics you see on Credit.com are thoroughly reported and fact-checked. Each story is read by two separate editors, and we adhere to the highest editorial standards. We’re not perfect, however, and if you see something that you think is wrong, please email us at editorial team [at] credit [dot] com,

The Credit.com editorial team is committed to providing our readers and viewers with sound, well-reported and understandable information designed to inform and empower. We won’t tell you what to do. We will, however, do our best to explain the consequences of various actions, thereby arming you with the information you need to make decisions that are in your best interests. We also write about things relating to money and finance we think are interesting and want to share.

In addition to appearing on Credit.com, our articles are syndicated to dozens of other news sites. We have more than 100 partners, including MSN, ABC News, CBS News, Yahoo, Marketwatch, Scripps, Money Magazine and many others. This network operates similarly to the Associated Press or Reuters, except we focus almost exclusively on issues relating to personal finance. These are not advertorial or paid placements, rather we provide these articles to our partners in most cases for free. These relationships create more awareness of Credit.com in general and they result in more traffic to us as well.

Our Business Model

Credit.com’s journalism is largely supported by an e-commerce business model. Rather than rely on revenue from display ad impressions, Credit.com maintains a financial marketplace separate from its editorial pages. When someone navigates to those pages, and applies for a credit card, for example, Credit.com will get paid what is essentially a finder’s fee if that person ends up getting the card. That doesn’t mean, however, that our editorial decisions are informed by the products available in our marketplace. The editorial team chooses what to write about and how to write about it independently of the decisions and priorities of the business side of the company. In fact, we maintain a strict and important firewall between the editorial and business departments. Our mission as journalists is to serve the reader, not the advertiser. In that sense, we are no different from any other news organization that is supported by ad revenue.

Visitors to Credit.com are also able to register for a free Credit.com account, which gives them access to a tool called The Credit Report Card. This tool provides users with two free credit scores and a breakdown of the information in their Experian credit report, updated twice monthly. Again, this tool is entirely free, and we mention that frequently in our articles, because we think that it’s a good thing for users to have access to data like this. Separate from its educational value, there is also a business angle to the Credit Report Card. Registered users can be matched with products and services for which they are most likely to qualify. In other words, if you register and you find that your credit is less than stellar, Credit.com won’t recommend a high-end platinum credit card that requires an excellent credit score You’d likely get rejected, and that’s no good for you or Credit.com. You’d be no closer to getting a product you need, there’d be a wasted inquiry on your credit report, and Credit.com wouldn’t get paid. These are essentially what are commonly referred to as "targeted ads" in the world of the Internet. Despite all of this, however, even if you never apply for any product, the Credit Report Card will remain free, and none of this will impact how the editorial team reports on credit and credit scores.

Your Stories

Lastly, much of what we do is informed by our own experiences as well as the experiences of our readers. We want to tell your stories if you’re interested in sharing them. Please email us at story ideas [at] credit [dot] com with ideas or visit us on Facebook or Twitter.

Thanks for stopping by.

- The Credit.com Editorial Team