Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Data Breach at Health Insurer Anthem 80 million records

    anthemLast updated Feb 7, 2015 - Both the Wall Street Journal and cyber security blogger Brian Krebs reported that Anthem Inc., the nation’s second largest health insurer disclosed that hackers had broken into its servers and stolen Social Security numbers and other personal data. The WSJ said this could be up to 80 million records which makes this one of the largest hacks in Healthcare. The social security numbers were not encrypted which is surprising to say the least.

    Anthem said that the company was the target of a “very sophisticated external cyber attack” that exposed names, dates of birth, member ID/ Social Security numbers, addresses, phone numbers, email addresses and employment information. The company stressed that the exposed data did not include medical records or financial information.

    “We are working around the clock to determine how many people have been impacted and will notify all Anthem members who are impacted through a written communication,” Anthem said in question and answer page released about the breach. This is a developing story so stay tuned for more. 

    What is new about this attack is that Anthem discovered it themselves, and decide to report it early. Not clear how the bad guys got in, but this smells of a spear phishing attack by eastern European or Chinese cyber mafia followed by data exfiltration, pretty much social engineering business as usual for them.

    Bloomberg reports that U.S. federal investigators probing the theft of 80 million Social Security records and other sensitive data from insurance giant Anthem Inc. are pointing the finger at state-sponsored hackers from China. Although unconfirmed, that suspicion would explain a confidential alert the FBI circulated last week warning that Chinese hackers were targeting personally identifiable information from U.S. commercial and government networks.

    It is clear that you have to step your users through effective security awareness training to prevent a data breach disaster like this. We have created a template you should send to your employees to inuculate them against the coming attacks. This is how it looks and you can find it in the Current Events System Templates:

    anthemphish

    Find out how affordable this is for your organization today.

    Get A Quote Now

     

     

    Return To KnowBe4 Security Blog

    Topics: Social Engineering, Spear Phishing, Data Breach

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews