On December 2014, Anthem’s databased was compromised by someone that used their credentials to run a query. The breach was not discovered until January 2015. Anthem Inc. security breach was made public in February 2015, and affected at least 80 millions of people. Anthem was at the moment the second-largest health insurance company in the nation. Their president and CEO, Joseph Swedish said to the media: “Anthem was the target of a very sophisticated external cyber-attack. These attackers gained unauthorized access to Anthem’s IT system and have obtained personal information from our current and former members.”
The information that was hacked included: names, date of birth, social security numbers, medical ID numbers, street and e-mail addresses, employment and income information. No medical information was stolen, so this case was not ruled by Health Insurance Portability and Accountability Act (HIPAA).
The investigation revealed the hackers used the computer …show more content…
Companies should train their employees (not only IT employees) to be caution in the use of their credentials, and to report any suspicious email or activity in their accounts.
Anthem’s officials acted quickly. They notified FBI after noticing unusual network activity. Time played an important role in this case, and the early intervention of the FBI avoided the hacking to extend much more. Anthem changed all the passwords as soon as they knew about the breach. They also secured the data warehouse to prevent future attacks.
Anthem also created a website: www.anthemfacts.com. The website would provide updated information about the breach. Anthem kept the affected population informed, but this didn’t prevent lawsuits to file against the company. Several lawsuits were filed, they alleged that the company didn’t have the proper data security to prevent and protect the customer’s personal
The information that was hacked included: names, date of birth, social security numbers, medical ID numbers, street and e-mail addresses, employment and income information. No medical information was stolen, so this case was not ruled by Health Insurance Portability and Accountability Act (HIPAA).
The investigation revealed the hackers used the computer …show more content…
Companies should train their employees (not only IT employees) to be caution in the use of their credentials, and to report any suspicious email or activity in their accounts.
Anthem’s officials acted quickly. They notified FBI after noticing unusual network activity. Time played an important role in this case, and the early intervention of the FBI avoided the hacking to extend much more. Anthem changed all the passwords as soon as they knew about the breach. They also secured the data warehouse to prevent future attacks.
Anthem also created a website: www.anthemfacts.com. The website would provide updated information about the breach. Anthem kept the affected population informed, but this didn’t prevent lawsuits to file against the company. Several lawsuits were filed, they alleged that the company didn’t have the proper data security to prevent and protect the customer’s personal