US insurer Anthem suffers hack attack

  • 11 February 2015
US insurer Anthem suffers hack attack

As many as 80 million customers of US health insurer, Anthem, have had their personal information stolen.

The sophisticated hacking attack, thought to be one of the largest ever breaches of health information security in US healthcare, was confirmed by Anthem last week.

In an advisory on the breach, Anthem says that it has contacted the FBI. Anthem is the second-largest health insurance company in the US and has customers in 14 states.

The affected database had records for approximately 80 million people in it.  The breach is known to have affected tens of millions of these records.

Hackers breached Anthem's computer systems and got information including names, birthdays, medical IDs, Social Security numbers, and personal demographics, employment and income data.

Anthem says that no medical data has been stolen, meaning that the breach would not be covered by US HIPAA medical data security regulations, but the personal data taken would facilitate medical fraud or identity theft.

"Anthem was the target of a very sophisticated external cyber attack," Anthem president and CEO Joseph Swedish said in a statement.

On the advisory website Swedish said the records of Anthem staff, including his own, had been breached, and said in a statement to members:

“I want to personally apologize to each of you for what has happened, as I know you expect us to protect your information.”

Anthem identified the attack partly because it had been sharing so-called ‘indicators of compromise’ — internet addresses, malware signatures and other information associated with the breach – with other healthcare providers, working through the Health Information Trust Alliance  or HITRUST.

“It was quickly determined that the indicators of compromise were not found by other organisations across the industry and this attack was targeted a specific organization,” HITRUST wrote in its alert.

In the UK the Health and Social Care Information Centre is believed to be working with dozens of NHS trust on simulated hacking attacks to help them test their cyber-security and ability to defend against hacking attacks.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Healthcare sector has lowest levels of security protection for AI

Healthcare sector has lowest levels of security protection for AI

A new survey has revealed the gaps that exist between AI usage in the healthcare sector, and investment in securing the use of AI tools…
AI-powered platform from thymia expands to four continents

AI-powered platform from thymia expands to four continents

The thymia platform is expanding across four continents to measure the efficacy of its AI-powered video games for diagnosing mental health conditions.
High profile Palantir and Foxglove debate to close Rewired 2023

High profile Palantir and Foxglove debate to close Rewired 2023

Palantir's UK boss and the director of Foxglove will go head-to head in the closing debate at Rewired on how the NHS can benefit from…