Anthem, Inc.’s database was attacked by hackers potentially compromising the personal information of approximately 80 million former and current customers, as well as employees. The affected information includes names, dates of birth, medical IDs or Social Security numbers, street addresses, and email addresses.
According to a statement from Anthem president and CEO Joseph Swedish posted on the company website:
“Based on what we know now, there is no evidence that credit card or medical information, such as claims, test results or diagnostic codes were targeted or compromised,” Swedish said. “Once the attack was discovered, Anthem immediately made every effort to close the security vulnerability, contacted the FBI and began fully cooperating with their investigation.”
Swedish added that the personal information of Anthem employees, including himself, were also compromised in this data breach using “very sophisticated external cyber attack”.
“We join you in your concern and frustration, and I assure you that we are working around the clock to do everything we can to further secure your data,” he said.
Anthem will notify the affected individuals.
“I want to personally apologize to each of you for what has happened, as I know you expect us to protect your information,” Swedish said. “We will continue to do everything in our power to make our systems and security processes better and more secure, and hope that we can earn back your trust and confidence in Anthem.”
The HITRUST Cyber Threat Intelligence and Incident Coordination Center (C3) has been collaborating with Anthem since it discovered the breach.
“As additional information becomes available, Anthem has committed to continue to work with the HITRUST C3 to disseminate any findings and lessons learned that can help other organizations better prepare and respond to these type of cyber incidents.”
Get your personal as well as office laptops encrypted by Alertsec
Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.
Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.