Investigators link insurer cyber breach to foreign nation

January 6, 2017

A foreign government was likely behind a cyber breach of health insurance company Anthem Inc. that compromised more than 78 million consumers' records, investigators said Friday.

The California Department of Insurance said Anthem—the nation's second-largest health insurer—has agreed to make $260 million in improvements to its information security systems.

It will also provide credit protection to consumers whose information was compromised, officials said.

Investigators found with a "significant degree of confidence" that the cyber attacker was acting on behalf of a foreign government, Insurance Commissioner Dave Jones said. He did not identify the government.

"This was one of the largest cyber hacks of an company's customer data," Jones said. "Insurers have an obligation to make sure consumers' health and financial information is protected."

The hackers accessed Social Security numbers, birthdates and employment details for customers—all key ingredients for stealing someone's identity.

The state agency says intruders cracked Anthem's database in February 2014 with a phishing email. Anthem has said hackers evaded multiple layers of security to reach its database.

However, a lawsuit filed by customers who say they were affected by the breach paints Anthem as a ripe target.

It says the insurer allowed wide employee access to its database and didn't train employees on handling phishing emails.

The hackers gained remote access to at least 90 other systems within the Anthem enterprise, including Anthem's data warehouse.

The cyber breach was discovered by Anthem in January 2015. In early February, Anthem and its affiliates announced the company had suffered the that included the records of at least 12 million minors.


Explore further: Anthem warns about 'phishing' emails after massive hack

Related Stories

Anthem: Hackers tried to breach system as early as Dec. 10

February 7, 2015

(AP)—The hackers who stole millions of health insurance records from Anthem Inc. commandeered the credentials of five different employees while seeking to penetrate the company's computer network—and they may have been ...

Recommended for you

The wet road to fast and stable batteries

December 14, 2017

An international team of scientists—including several researchers from the U.S. Department of Energy's (DOE) Argonne National Laboratory—has discovered an anode battery material with superfast charging and stable operation ...

US faces moment of truth on 'net neutrality'

December 14, 2017

The acrimonious battle over "net neutrality" in America comes to a head Thursday with a US agency set to vote to roll back rules enacted two years earlier aimed at preventing a "two-speed" internet.


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.