Lessons Learned from the Anthem Data Breach of 2015
In January 2015, US-based health insurer Anthem was hit by a massive cyber-attack that accessed the personal information of millions of Anthem customers and employees. The stolen personal information includes residential addresses, birthdays, medical identification numbers, Social Security Numbers, email addresses and some income data belonging to both current and former customers and employees, including its own chief executive.
“On January 29, 2015, Anthem, Inc. (Anthem) discovered that cyber attackers executed a sophisticated attack to gain unauthorized access to Anthem’s IT system and obtained personal information relating to consumers who were or are currently covered by Anthem or other independent Blue Cross and Blue Shield plans that work with Anthem. Anthem believes that this suspicious activity may have occurred over the course of several weeks beginning in early December, 2014.” Anthem Inc.
It may take years for Anthem to recover from this unmitigated disaster, but for other businesses it is important to look at what could have been done differently.
Phillip Britt of eSecurity Planet gives a good overview of some of the lessons learned for businesses:
For users, Forbes’ Gregory S. McNeal looks at better ways to protect yourself: