Last week Anthem Inc., the country’s second-largest health insurer, discovered a breach in their system that may have compromised the personal information of 80 million customers and employees, which makes it likely this will be the largest data breach in the health care industry to date.
Although Anthem is still investigating the source of the breach, they have released a statement calling it a “very sophisticated external cyber attack.” The customer and employee information compromised reportedly included names, birthdays, medical IDs, Social Security numbers, street addresses, email addresses, and income data.
Luckily, no credit card information was compromised, avoiding the need for the involvement of PCI and other financial compliance regulators. The breach also avoids HIPAA violations as no actual medical information was stolen. The lack of this more heavily regulated information is good news, but with the information that was breached there are certainly still opportunities for identity theft and other financial crimes.
Anthem has been able to stay on top of this breach mainly because they were the first ones to notice the hack, at which point they began taking immediate action. Most data breaches take weeks or months to identify, and many times the company doesn’t notice until their sensitive information shows up for sale on black market websites. As an insurance company, Anthem saw the benefit of planning ahead. Their IT security was able to identify suspicious activity on their network, giving them the chance to limit the damage and identify the source of the attack.
According to FBI spokesman Joshua Campbell, Anthem notified the FBI immediately after identifying the attack, and the two are now working together on the investigation: “Anthem’s initial response in promptly notifying the FBI after observing suspicious network activity is a model for other companies and organizations facing similar circumstances. Speed matters when notifying law enforcement of an intrusion, as cyber criminals can quickly destroy critical evidence needed to identify those responsible.”
Anthem established a website, a toll-free number (1-877-263-7995), and a credit-monitoring service for affected customers and employees to get information about the attack and protect themselves. They have done a good job keeping the public updated as the situation unfolds further. With situations like this, a company’s public image can suffer. The companies that have come out of breaches the best are the ones that are honest and forthcoming from the start.
“I assure you that we are working around the clock to do everything we can to further secure your data.” – Anthem President and CEO, Joseph Swedish
This health care cyber attack offers lessons for other insurance agencies, health care companies, and any other organization with sensitive information to protect. When protecting yourself against user-based threats or external cyber attacks, it is vital to have a security system that can identify suspicious activity on your network. Once you identify this activity, working quickly and being open with the public are key to getting through the breach with your information, your customers, and your company still intact.
Anthem is still investigating the full extent of their breach, but because they had activity monitoring in place and took the right steps after the breach, they should get through it intact.