Here’s something to make you feel sick: If Anthem was your health insurer prior to late 2014, you’ll need to remain vigilant against fraud for the rest of your life. That’s because the information stolen—names, birthdates, medical ID numbers, social security numbers and such—is catnip for identity thieves, who could keep the data for years before selling or using it. The breach, disclosed in February 2015, affected up to 80 million Anthem customers. Reportedly, a user at an Anthem subsidiary clicked a link in a phishing email, which enabled attackers to gain access to the healthcare provider’s IT system—and thus, its customers personal information. Apparently, Anthem’s customer data wasn’t encrypted, which some say showed a lax attitude toward security.
Related: 15 real-world phishing examples — and how to recognize them