One of the US' largest health insurers, Anthem, has announced last week that millions of their employee and client records have been illegally accessed through a sophisticated cyberattack.
While Anthem is still cooperating with ongoing investigations regarding the attack, the initial information given was that around 80 million customer and employee records in a database were compromised. The data apparently include addresses, birthdates, names, employment and income information.
However, they claim that credit card data were not included in the breach and stated that medical records and doctor information were likely not compromised.
This could be one of the largest breaches in client data to date and the largest in the healthcare sector, noted Harver Health Insurance Counter Fraud Group, as Anthem owns a number of brands like Anthem Blue Shield, Anthem Blue Cross, Empire Blue Cross and Blue Cross of Georgia.
According to the health insurer, they learned of the breach by the end of January and have notified the FBI promptly. Cybersecurity firm Mandiant was also called in to secure Anthem's computer systems.
Anthem Chief Executive Joseph Swedish, whose personal data was involved as well, apologized through a letter and emphasized that they are working continuously to ensure their clients' and staff's data.
Security breach threats are particularly concerning in the financial and healthcare sectors that usually collect sensitive information about clients. Even without credit card information, combinations of names, birthdates and Social Security numbers would be more than enough to gain a lot of money in the black market. In fact, the FBI has already ranked cybercrime as a top law enforcement activity.
Technology experts from Harver Health Insurance Counter Fraud Group and other law enforcement officials are saying that getting hacked is inevitable and it's only a matter of when. They admitted that it is a challenge to keep up with the cyber criminals especially since most of them are based abroad.
Anthem promised that it will give free credit monitoring and identity repair services for affected clients.