Tens of millions of customers' details hacked at US insurer Anthem

[AnonOps]

Tens of millions of customers' details hacked at US insurer Anthem

Date February 6, 2015 - 5:46AM
Crayton Harrison and Jordan Robertson

Hackers broke into the company's database in an attack bound to stoke fears many people have about the privacy of their most sensitive information. Photo: Michael Conroy

New York: Anthem, the second biggest US health insurer by market value, said hackers obtained data on tens of millions of current and former customers and employees in a sophisticated attack that has led to a Federal Bureau of Investigation probe.

The information compromised includes names, birthdates, Social Security numbers, medical IDs, street and e-mail addresses and employee data, including income, Anthem said. The company will notify customers who were affected and provide credit and identify-theft monitoring services for free, Chief Executive Officer Joseph Swedish said in a letter to members.

"As soon as we learned about the attack, we immediately made every effort to close the security vulnerability, contacted the FBI and began fully cooperating with their investigation," Anthem said. The Indianapolis-based company, formerly known as WellPoint, didn't provide information on how the breach occurred or when it was discovered.

The hacking of personal data has become a major issue for consumers and companies alike.

There's no evidence that credit-card numbers or medical information such as claims, test results or diagnostic codes were compromised, Anthem said.

The Anthem breach is the biggest in the health-care industry since Chinese hackers stole Social Security numbers, names and address from 4.5 million patients of Community Health Systems, the second-biggest for-profit hospital chain, last year. The attack is on a similar scale to hacks of customer data from Target and Home Depot last year in terms of the number of people affected.

"This attack is another reminder of the persistent threats we face," US Representative Michael McCaul, a Texas Republican who leads the Homeland Security Committee, said.

It's not known yet where the attack came from or how the hackers got inside Anthem's computer systems, said Vitor De Souza, spokesman for FireEye Inc., whose Mandiant division was hired this weekend to investigate the breach and began sending specialists to Anthem's headquarters.

What is known is that the malicious software used to infiltrate the network and steal data was customised, which can be a sign of an advanced attacker, and is a variant of a known family of hacking tools, Mr De Souza said. What's rare in this case is that Anthem discovered the breach itself, instead of being alerted to it by a third party such as a bank or a credit-card company, Mr De Souza said. Such organisations are often the first to detect fraud and link stolen data to a hacking attack.

Investigators were able to track the stolen data to an Internet storage service that the attackers were using to warehouse their pilfered information, he said.

Mr De Souza added that Mandiant, which has investigated such big- name breaches as Sony Pictures Entertainment and JPMorgan Chase & Co., is seeing more attacks against health-care companies, which are repositories of personal information that can be used for all kinds of fraud.

"We have seen a large uptick in health-care attacks -- health care is now a common vector of attack," he said. "You have your traditional ones, government, finance, high-tech and critical infrastructure are dominating, but health care and legal stand out as among the fastest-growing attack vectors in the world."

Aetna Inc., the third-largest US insurer, said in 2009 it was notifying about 65,000 people that their personal information, including Social Security numbers, may have been compromised on a job applicant site in 2009.

Social Security numbers are among the worst kind of data to have stolen, because they are difficult to change and are used pervasively, especially for access to medical care, government services and opening new lines of credit.

Most large breaches, such as Target's, involve payment-card numbers, as those are of most immediate and easiest use for cyber-criminals, who exploit the gap between when information is taken and when companies discover a breach to withdraw cash from ATMs and run up fraudulent charges before the cards are canceled. For cyber-criminals, Social Security numbers are more useful, in that they can be used to validate people to lenders, but they require the extra step of setting up new accounts, which some online crooks find too time-consuming and risky.

Bloomberg

 

[AnonOps]

Chinese hackers suspected after massive data breach at US health insurer

PUBLISHED : Friday, 06 February, 2015, 10:46am
UPDATED : Friday, 06 February, 2015, 10:46am

Reuters in New York

People walk past the office building of health insurer Anthem in Los Angeles. The insurer is investigating the hacking of a database with 80 million records. Photo: Reuters

Several US states are investigating a massive cyberattack on No 2 US health insurer Anthem Inc that is being looked at for possible ties to China, according to a source familiar with the probe.

Separately, representatives from Anthem were scheduled on Friday to brief the House Energy and Commerce Committee on the breach. “This latest intrusion into patients’ personal information underscores the increasing magnitude and evolving nature of cyber crimes,” Fred Upton, the committee’s chairman, said in a statement. “Every business is at risk and American consumers are anxious.”

Connecticut Attorney General George Jepsen asked Anthem Chief Executive Joseph Swedish to provide by March 4 detailed information about the cyberattack, the company’s security practices and privacy policies, according to a letter obtained on Thursday.

“We hope and expect to work in close coordination with other attorneys general,” said Jaclyn Falkowski, a spokeswoman for Jepsen.

Anthem disclosed the attack late Wednesday, saying unknown hackers had penetrated a database with some 80 million records. The insurer said it suspected they had stolen information belonging to tens of millions current and former customers as well as employees.

US President Barack Obama’s cybersecurity adviser, Michael Daniel, speaking at a seminar in Washington, called the data breach “quite concerning”and warned consumers to change their passwords and monitor their credit scores.

The attorneys general of Illinois, Massachusetts and North Carolina are also looking into the breach, according to representatives of their offices.

Connecticut has worked with other states to investigate some of the biggest US data breaches reported to date, including ones at retailers Target Corp and Home Depot. The office of Connecticut’s attorney general said Anthem has agreed to two years of credit monitoring for customers there.

A representative for New York Attorney General Eric Schneiderman declined to say if he planned to work with Connecticut but noted his office had contacted Anthem to discuss protecting its customers in wake of the data breach.

A source familiar with the probe said that a connection to China was being looked at.

The Wall Street Journal said that people close to the investigation say some tools and techniques used against Anthem were similar to ones used in previous attacks linked to China.

A representative with FireEye, which was investigating the attack on behalf of Anthem, declined comment.

The FBI said late Wednesday it was also looking into the matter but did not discuss suspects. FBI officials could not immediately be reached on Thursday.