Hackers raid Anthem in biggest health care breach yet
Barely a month into the new year, industry has already experienced its first large-scale data breach. Anthem Inc., the second largest insurance provider in the U.S., said it fell victim to a historic attack that saw hackers make off with personal information belonging to tens of millions of Americans.
A systems administrator at Anthem, which was previously known as Wellpoint, first noticed that something was wrong in the middle of last week when he came upon a query made under his name that he didn’t recall running, according to the Wednesday report on the Wall Street Journal that first broke the news of the incident. Further inspection revealed that the internal network has been accessed from the outside, which immediately triggered alarms.
The company promptly notified the FBI and hired Mandiant Corp., a cyber forensics outfit best known for tracing a number of high-profile attacks on American companies to China, to investigate. The emergency team dispatched to the scene traced back the data pulled through the suspicious account to an unnamed cloud storage service, where they encountered a massive trove of information about Anthem’s employees and customers.
The stash included the names, birthdays, addresses and Social Security Numbers of some 80 million individuals, making the incident the single biggest breach in the history of the healthcare sector. That dwarfs the previous record set last year, when Chinese hackers stole 4.5 million records from hospital operator Community Health Systems Inc. There is reason to believe that a well-organized group may also stand behind the breach of Anthem’s networks.
According to David Damato, the managing director of FireEye Inc., which acquired Mandiant last January to complement its cybersecuirty business, the assailants took the trouble of customizing their tactics. That represents a departure from other recent data breaches against major U.S. companies, which exploited common vulnerabilities or recycled malware from previous attacks, but fits into broader trend of hackers specifically targeting healthcare providers.
That’s no coincidence. As one chief security officer once told SiliconANGLE in an interview, medical records fetch top dollar on the black market, even more than credit card numbers. Taken together with the fact that the healthcare sector is among the slowest to respond to technological change and thereby one of the most vulnerable, companies like Anthem make a highly attractive target for hackers.
Thankfully, however, the insurer says that the attackers did not appear to have accessed the medical and financial details stored in the database on which the query that revealed the breach occurred. Moreover, there are no signs of the hackers trying to sell the information that they did obtain on the black market. That’s good news for customers, but could also bee another indication that that the attack was not carried out by common cybercriminals.
Photo: Darron Cummings, AP
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU