The second largest health insurance provide, Anthem, was recently hit by hackers in what is being called the largest attack in the healthcare sector so far. The Wall Street Journal reported that the healthcare managers accepted that data was breached and that information was stolen. They said up to 80 million records containing customer details and employee information might have been stolen and there is no way to confirm that they were not.
This data, believed to be stolen by cyber attackers, has client names, their date of birth, physical addresses, email addresses, and social security numbers. The medical insurer could not however tell whether the medical records of customers were stolen.
The attack was detected by an employee who saw a search running on the server without anyone initiating it. He became suspicious and informed his superiors who then came in and took measures to stop the attack. FBI was informed soon and it was on the spot to assess the damage done. A security firm called FireEye was also contacted to assess the damage and to help them fix their computer network vulnerabilities.
Anthem says that not only data of current customers, but that also of former customers might have been stolen. The FBI is continuing its investigation to find out both the level of damage and to figure out the origin of attack.
The CEO of Anthem has apologized personally in a press release saying he understands how the customers might be feeling and that they were supposed to protect their information. But the attack was unseen and also added that they are working on improving the security of their systems so that no such incident happens again in future.
As a compensation, Anthem will be providing free credit monitoring services for its customers just in case the credit card information was also stolen. It also plans to provide identity protection services for customers whose data was stolen.
Meanwhile, the security firm hired to improve the systems has said that the attack was customized and done by professional attackers as there were no indications of off-the-shelf tools being used. Lior Arbel, the CTO of security firm Performanta said that Anthem has to be credited that it had detected the attack on its own and added that this attack should be a wake up call to all retailers who should upgrade their networks and do something about the attacks that may be incoming in near future.