A generic background image tangentially related to the post

Anthem Health Insurance latest company to suffer massive breach

ISG Tech  |  February 5, 2015

Share: Share on FacebookTweet about this on TwitterShare on LinkedInGoogle+

America’s second largest health insurance company announced in early February that it had fallen victim to a data breach that may have exposed the data of millions of clients. Anthem Health Insurance admitted that the names, birth dates, addresses, Social Security numbers and income data for as many as 80 million clients and employees were potentially compromised due to a lack of encryption. The company said that there is no evidence that financial or medical information was accessed during the breach.

With a toll in the tens of millions, the cyberattack could be the largest breach of a healthcare company ever, putting it on par with the breaches that took place at Target and Home Depot. The “very sophisticated external cyberattack” exposed the information of so many people that even the insurer’s chief executive was affected. Numerous brands of health plans are operated by Anthem, including Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Anthem Blue Cross and Anthem Blue Cross and Blue Shield.

Insufficient protection leaves data at risk
In a statement posted on the company’s website, Anthem claimed to have a state-of-the-art security system in place to protect privileged information, but the two most valuable pieces of data for identity thieves – Social Security numbers and birth dates –  were not encrypted. Not surprisingly, this isn’t the first time Anthem has had client information exposed. A 2012 lawsuit between Anthem Blue Cross and the California Attorney General was settled after a claim that the insurer compromised 33,000 members of their plan when they sent letters with Social Security numbers clearly visible in the envelope windows. In 2013, the company again exposed the Social Security numbers of an undisclosed number of doctors and healthcare providers in a document posted to Anthem’s website.

While the information involved in the breach is not included under the Health Insurance Portability and Accountability Act, Anthem will still likely face lawsuits from those affected as they had plenty of warning that such an event was possible. Last summer, the FBI issued healthcare organizations a warning that hackers were targeting them more frequently in the wake of a large scale data breach against Community Health Systems in which 4.5 million patients had their data stolen. While the threat of data breaches have increased in every industry, the risks are even higher for healthcare organizations where companies keep massive amounts of personal information in large databases.

The following two tabs change content below.

ISG Tech

Hybrid IT Infrastructure
ISG empowers organizations to realize their full business potential with unique technology solutions that help them connect, protect and innovate like never before. Part of the Twin Valley family of companies and a fourth-generation family business, ISG Technology has grown and evolved into a recognized leader in the area by aligning its success with the long-term success of its clients.
About

ISG empowers organizations to realize their full business potential with unique technology solutions that help them connect, protect and innovate like never before. Part of the Twin Valley family of companies and a fourth-generation family business, ISG Technology has grown and evolved into a recognized leader in the area by aligning its success with the long-term success of its clients.

Posted in Blog, Healthcare, Security Tagged with: , , ,
Menu