Health insurer Anthem disclosed yesterday that hackers gained unauthorized access to its IT systems and stole personal information relating to current and former members and employees.

Calling it a “very sophisticated external cyber attack,” Antham CEO Joseph Swedish said the personal information that attackers compromised includes “names, birthdays, medical IDs, Social Security Numbers, street addresses, e-mail addresses, and employment information, including income data.” Swedish said the breach does not appear to have compromised credit card or medical information.

“Once the attack was discovered, Anthem immediately made every effort to close the security vulnerability, contacted the FBI and began fully cooperating with their investigation,” Swedish said. He added that Anthem also has retained cyber-security firm Mandiant to evaluate Anthem’s systems and “identify solutions based on the evolving landscape.”