Brian Krebs reports: Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion. Read his full article on…
Category: Of Note
Altegrity Files Bankruptcy; Lost OPM contract following USIS hack
Add Altegrity to the short list of businesses that collapse following a data breach, although it may not be the consequences of the breach that were solely responsible. Since August 2014, Altegrity Inc., the government contractor principally owned by private equity firm Providence Equity Partners, has been dealing with the consequences of a cyber-attack in one of its…
Uncovering Security Flaws in Digital Education Products for Schoolchildren
Natasha Singer reports: When Tony Porterfield’s two sons came home from elementary school with an assignment to use a reading assessment site called Raz-Kids.com, he was curious, as a parent, to see how it worked. As a software engineer, he was also curious about the site’s data security practices. And he was dismayed to discover that…
HSBC insider breach: Fallout continues for private banking clients and the bank
The HSBC data theft by their former employee Hervé Falciani is finally getting a lot of mainstream media attention here, with 60 Minutes doing a segment on Falciani last night (video). The computer files, which Falciani shopped to a number of governments, reveal that HSBC, one of the largest banks in the world, profited from its…
Why even strong crypto wouldn’t protect SSNs exposed in Anthem breach
Steve Bellovin explains: Another day, another data breach, and another round of calls for companies to encrypt their databases. Cryptography is a powerful tool, but in cases like this, it’s not going to help. If your OS is secure, you don’t need the crypto; if it’s not, the crypto won’t protect your data. In a case…
Health insurance giant Anthem Blue Cross and Blue Shield discloses breach that could affect tens of millions of customers and employees (Update2)
Following the disclosure by Community Health Systems in an SEC filing that they suspected Chinese hackers were responsible for the theft of 4.5 million patients’ information, the FBI sent out a “Flash” warning to alert the the healthcare sector that it was being targeted by hackers. It was the second warning they had issued in a period of a few months. In…