Health insurer Anthem hit by ‘very sophisticated’ cyberattack

5 Feb 2015

US company Anthem has laid all its cards on the table after a major security breach compromised users’ information.

In what the company admits was a “very sophisticated external cyberattack”, Anthem has discovered that hackers have accessed the personal information of both current and former members.

By doing this, information such as names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data, was all compromised.

The company claims there is no evidence to suggest credit card or medical information was compromised, and has issued a statement to its users, along with a lengthy Q&A to assure those affected.

Open and honest

Anthem is also contacting all those who have had their information compromised.

“We will provide credit monitoring and identity protection services free of charge so that those who have been affected can have peace of mind,” said Joseph Swedish, president and CEO of Anthem.

Considering the hack apparently happened just last week, it is a surprising move by a major corporation to come out so openly about the incident.

Indeed The Wall Street Journal places Anthem “in the minority among companies subject to such attacks” following its statement.

“Organisations don’t typically provide notification this early on,” said David Damato, MD at FireEye, which owns Mandiant, the company Anthem has hired to investigate.

Hacking image via Shutterstock

Gordon Hunt was a journalist with Silicon Republic

editorial@siliconrepublic.com