Anthem customers whose sensitive information was exposed in the major cyberattack that was announced this week are already being targeted by a phishing scam, according to the company.

Anthem on Friday informed the Maine Bureau of Insurance that scam artists are targeting policyholders by sending them an email claiming to be from Anthem and related to the data breach. The emails include a “click here” link for credit monitoring. It is unclear how many policyholders have been targeted by the scam.

These emails are not from Anthem, said Rory Sheehan, an Anthem spokesman. He said the company would not contact customers via phone or email.

The company and the state bureau say customers who receive such emails should not reply to the messages, click on any links, open any attachments or provide any personal information.

The company continues to identify the members who were affected by the data breach and will contact them, including with the offer of free credit monitoring service, via mail delivered by the U.S. Postal Service, Sheehan said in a statement.

There is no indication that the scam emails are being sent by the criminals who committed the cyberattack, or that information accessed in the attack is being used by the scam artists, according to the company.

Indianapolis-based Anthem, which operates Anthem Blue Cross and Blue Shield in Maine, said Wednesday that “a very sophisticated external cyberattack” on its information technology systems gave thieves access to the data of millions of current and former customers and employees, including the company’s more than 312,000 existing customers and more than 800 employees in Maine. The insurer is Maine’s largest by far, handling group health care plans for major organizations.

The breach was first detected Jan. 29, according to the company. The criminals gained access to names, dates of birth, home addresses, Social Security numbers, email addresses, employer names and income figures. The company said no credit card information was compromised.

Investigators suspect China may be responsible for the cyberattack.

The company has established a website – – where customers can access information about the data breach, including frequently asked questions and answers.

There also is a dedicated toll-free number that both current and former members can call if they have questions related to this incident. The number is (877) 263-7995.