American health insurance company Anthem, formerly known as Wellpoint, has been hacked and millions of files containing sensitive customer information stolen. The hack was discovered last week and is being described as a “sophisticated intrusion” by the company’s cyber security.
Health insurer Anthem has been hacked and sensitive customer information accessed. The company last week discovered that their database had been accessed and records copied. The information that the hackers obtained included the names of customers, their social security numbers, their health issues, their addresses, emails and incomes.
The cybersecurity experts who evaluated this hack sounded a warning that hackers were changing techniques and targets. It now looks like hackers are going after organizations which do not traditionally have the same level of cybersecurity that the targets that hackers are typically drawn to like banks and financial institutions.
Security expert Mark Bower of Voltage Security was quoted saying “To me, this is the next wave of where we are going to see more and more attacks (of this nature),” adding that “Cybercrime is a business. The attackers will simply move to the next low-hanging fruit.”
All signs point towards hackers starting to leave the financial and credit card hacking and going for information which can be sold to other cybercriminals.
Information such as the one taken from Anthem’s databases could be used in various ways in cybercrime. One of the things that the hackers could do with the information is blackmail the customers by threatening to reveal their sensitive information online. This is especially a route that hackers will take if they find the information of some well-known individuals in the records. The other thing that the hackers could do with the information is sell it to cybercriminal who would then use it to construct insurance frauds.
Unfortunately, this is not the first time Anthem has been in a security breach as far as customer information goes. In the year 2013, the company was forced to pay customers over $1.7 million after it emerged that the company had left information for over 610,000 customers easily accessible online.
The company was also in trouble in 2008 after it erroneously exposed records for over 128,000 customers online. In the year 2006, the company suffered yet another breach after a vendor was attacked and over 200,000 customers had their information exposed.
As of today, it has yet to be determined who was behind the attack. In cases like these, internet security experts note that hackers are unlikely to be found because they will not brag about it online. Attackers like these do not want to be found. The hacker of today is a shrewd business man who doesn’t want to bring undue attention on himself, unlike the hacker of the previous years who wanted to brag about his exploits.
When asked about the attack, Anthem CEO Joseph Swedish said “We will continue to do everything in our power to make our systems and security processes better and more secure, and hope that we can earn back your trust and confidence in Anthem.” The CEO was one of the victims of the attack with his personal data stolen. He was not the CEO when the attack was carried out.
Update 3: Anthem Incorporation acquires Florida’s Simply Healthcare, weeks after the data breach
For more updates, stay tuned…