Brian Krebs reports: Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion. Read his full article on…
Category: Health Data
Aspire Indiana notifies over 45,000 employees and clients after burglars nab office laptops
Since HHS has been revamping their breach tool, I’ve had a tough time figuring out what’s newly added or what I’ve missed. One incident, caught my eye, however, and I was able to find the covered entity’s notice of the breach. An undated notice* linked from Aspire Indiana, Inc.‘s home page explains: Aspire Indiana, Inc. Notifies Individuals…
OPM monitoring Anthem breach; 1.3m federal employees covered by Anthem
Aliya Sternstein had an interesting exclusive the other day on NextGov: The Office of Personnel Management is keeping a close eye on details emerging about a hack at the second biggest U.S. health insurer, Anthem Inc., which provides coverage to 1.3 million federal employees. Anthem runs the Blue Cross-Blue Shield Service Benefit Plan, better known…
At least four lawsuits filed against Anthem within days of breach disclosure
Yes, it was less than 24 hours before the first potential class action was filed. Here are four potential class action lawsuits we know about already: Indy law firm files lawsuit on behalf of Anthem customers (Plaintiff: Karen Meadows) Anthem Sued Over Large Data Breach by California Consumer (Plaintiff: Susan Morris) Anthem’s big data breach…
Anthem Alerts Consumers to Protect Themselves from Phishing Emails
Some people are already receiving phishing emails, it seems. Anthem has issued the following press release in response: INDIANAPOLIS–(BUSINESS WIRE)–Feb. 6, 2015– Individuals who may have been impacted by the cyber attack against Anthem, should be aware of scam email campaigns targeting current and former Anthem members. These scams, designed to capture personal information (known…
Why even strong crypto wouldn’t protect SSNs exposed in Anthem breach
Steve Bellovin explains: Another day, another data breach, and another round of calls for companies to encrypt their databases. Cryptography is a powerful tool, but in cases like this, it’s not going to help. If your OS is secure, you don’t need the crypto; if it’s not, the crypto won’t protect your data. In a case…