|
Health insurer Anthem hit
by massive cybersecurity breach
Send a link to a friend
[February 05, 2015]
By Supriya Kurane and Jim Finkle
(Reuters) - Health insurer Anthem Inc,
which has nearly 40 million U.S. customers, said late on Wednesday that
hackers had breached one of its IT systems and stolen personal
information relating to current and former consumers and employees.
|
|
 The No. 2 health insurer in the United States said the breach did
not appear to involve medical information or financial details such
as credit card or bank account numbers.
The information accessed during the "very sophisticated attack" did
include names, birthdays, social security numbers, street addresses,
email addresses and employment information, including income data,
the company said.
Anthem said that it immediately made every effort to close the
security vulnerability and reported the attack to the FBI.
Cybersecurity firm FireEye Inc said it had been hired to help Anthem
investigate the attack.
The company did not say how many customers and staff were affected,
but the Wall Street Journal earlier reported it was suspected that
records of tens of millions of people had been taken, which would
likely make it the largest data breach involving a U.S. health
insurer.
Anthem had 37.5 million medical members as of the end of December.
"This attack is another reminder of the persistent threats we face,
and the need for Congress to take aggressive action to remove legal
barriers for sharing cyber threat information," U.S. Rep. Michael
McCaul, a Republican from Texas and chairman of the Committee on
Homeland Security, said in a statement late Wednesday.
The FBI had warned last August that healthcare industry companies
were being targeted by hackers, publicizing the issue following an
attack on U.S. hospital group Community Health Systems Inc
that resulted in the theft of millions of patient records.
[to top of second column] |
Medical identity theft is often not immediately identified by
patients or their provider, giving criminals years to milk such
credentials. That makes medical data more valuable than credit
cards, which tend to be quickly canceled by banks once fraud is
detected.
Security experts say cyber criminals are increasingly targeting the
$3 trillion U.S. healthcare industry, which has many companies still
reliant on aging computer systems that do not use the latest
security features.
Anthem said it would send a letter and email to everyone whose
information was stored in the hacked database. It also set up an
informational website, www.anthemfacts.com, and will offer to
provide a credit-monitoring service.
(Reporting by Supriya Kurane in Bengaluru, Jim Finkle in Boston and
Deena Beasley in Los Angeles; Editing by Ken Wills and Alex
Richardson)
[© 2015 Thomson Reuters. All rights
reserved.] Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
