Not long after managed health care company Anthem announced its massive breach late on Wednesday, buyers took to underground forums and marketplaces to request the data that was accessed in the attack, according to cyber intelligence firm IntelCrawler.

In a Friday email correspondence, Andrew Komarov, CEO of IntelCrawler, told that the company found posts on forums and marketplaces on the Tor network and several other private underground communities – all requesting some or all of the Anthem data.

“We see that [the] illegal pharmacy community and serious spammers are very interested in this data, which can be easily commercialized by them and underground affiliate networks,” Komarov said, going on to add that individuals may also “trade this information for healthcare fraud.”

Meanwhile, watch out for calls requesting information – Anthem said it is not calling, and impacted members will be notified via mail.