
Cyber Case Study: Anthem Data Breach – CoverLink Insurance



At the end of 2014, Anthem – a well-known health insurance company that provides coverage to more than 100 million Americans – suffered a major data breach. Foreign cybercriminals used malicious e-mail tactics to gain access to Anthem's computer system and then compromise the personal information of millions of members. The breach was disclosed to the public in early 2015, causing widespread alarm among Anthem's members and costing the company hundreds of millions of dollars in recovery efforts and legal fees.

This intrusion has since been called one of the most devastating cyber incidents in the US healthcare industry, contributing to a nationwide conversation about the importance of data protection. In the aftermath, organizations can learn various cybersecurity lessons by examining the details of this incident, its impact, and Anthem's mistakes along the way. Here's what your organization needs to know.

Anthem Data Breach Details

On February 18, 2014, the Chinese cybercrime group Deep Panda used a phishing scam to trick an Anthem employee into opening an email containing malicious content. When the e-mail was opened, the cybercriminals deployed malicious software onto the employee's computer. Through this program, Deep Panda moved laterally within Anthem's network and eventually gained access to more than 50 employee accounts and 90 different systems. Among these systems was the company's data warehouse, which held the records of millions of Anthem members.

After infiltrating Anthem's data warehouse, the cybercriminals began exfiltrating records from this system. By December 10, 2014, Deep Panda had exfiltrated the records of nearly 80 million Anthem members. These records contained a wide range of personal information – including name, date of birth, Social Security number, medical identification number, contact information (e.g., e-mail and home addresses) and income data. Fortunately, members' credit card information, medical history and injury data were not compromised.

On January 27, 2015 – more than a month after the exfiltration from the data warehouse – Anthem discovered that the intrusion had taken place. Within days, the company informed the federal authorities of the incident. The following week, Anthem shared information about the breach with the public through a written press release on February 4, 2015. Later that month, the company hired a cybersecurity company to investigate how the breach occurred and develop measures to prevent future incidents. In the following years, the US Department of Justice eventually prosecuted several Chinese hackers connected to Deep Panda for their involvement in the large-scale breach.

Recovery costs
The company incurred significant recovery costs after the breach. In fact, the incident is estimated to have cost Anthem almost $260 million in total. To break down these expenses, the company first spent over $30 million to inform the public about the breach. In an effort to support members affected by the incident, Anthem then spent $112 million to offer these people credit monitoring and identity theft protection. From there, the company spent an additional $2.5 million to enlist the help of expert consultants during the investigation. Finally, Anthem spent $115 million to strengthen several cybersecurity measures in the workplace and implement improved data protection protocols.

Reputation damage
Anthem also received widespread criticism from its members, the media and security experts after the breach. Although the company had various cybersecurity measures and an incident management plan in place that helped mitigate damage upon discovery of the breach, Anthem still faced scrutiny over its inadequate data protection practices. The company failed to encrypt the records in its data warehouse – an important step that could have kept members' personal information private from Deep Panda and greatly minimized the overall impact of the incident.

Legal consequences
In the years after the breach, Anthem faced many lawsuits from various parties. The company first reached a $115 million settlement in 2017 with individuals affected by the incident. In 2018, Anthem then paid a record $16 million settlement to the Office for Civil Rights for Health Insurance Portability and Accountability Act (HIPAA) violations arising from the breach. Prior to this settlement, the maximum HIPAA penalty recorded was less than $6 million. Most recently, Anthem paid a $39.5 million settlement in 2020 to a coalition of 44 states to resolve a variety of breach-related allegations.

Lessons from the Anthem Data Breach

There are several cybersecurity takeaways from the Anthem data breach. In particular, the event emphasized these critical lessons.

Employee training is critical.
Employees are often the first line of defense against cyber incidents. The Anthem data breach underscored this point. If Anthem's staff had been able to recognize Deep Panda's misleading email tactics, this incident would probably have been completely prevented. With this in mind, it is important for all employees to receive adequate training on cybersecurity in the workplace. Knowing how to detect and respond to potential cyber threats – such as phishing – can help employees stop cybercriminals in their tracks. Specifically, employees should be trained in these security best practices:

  • Avoid opening or replying to emails from unknown individuals or organizations. If an email claims to be from a trusted source, verify the sender's identity by double-checking the address.
  • Never click on suspicious links or pop-ups, whether they are in an email or on a website. Do not download attachments or programs from unknown sources or sites.
  • Use unique, complicated passwords for all workplace accounts. Never share credentials or other sensitive information online.

Data protection should have the highest priority.
Despite the other valuable cybersecurity measures in place during the breach, Anthem left members' records vulnerable by neglecting to implement data protection protocols. Especially in health care, leaving data unprotected can have serious consequences. Because health data often contains information (such as individuals' personal data and intellectual property relating to medical research) that is considered very valuable to cybercriminals, the likelihood of such data being targeted in a breach increases. In fact, a stolen healthcare record is usually valued at about $250 on the black market, while the next most valuable type of record (such as stolen credit card information) drops to just $5.40. In any case, Anthem's shortcomings in data security showed how important it is to take extra measures to protect sensitive information so that related losses during cyber incidents are prevented. Important data protection measures include:

  • Encrypting all sensitive workplace data
  • Restricting employee access to sensitive information to an as-needed basis
  • Performing routine data backups to a secure, offline site

Effective security software is a must.
In addition to employee training and data protection, a wide range of security software could have helped Anthem detect, mitigate and potentially prevent this intrusion. While this software may seem like an expensive investment, it is well worth it to avoid devastating cyber incidents. Necessary security software that should be considered includes network monitoring systems, antivirus software, endpoint detection products and patch management tools. This software should be used on all technologies in the workplace and updated regularly to ensure effectiveness. It is also valuable to perform routine penetration tests to determine whether this software has any security gaps or ongoing vulnerabilities. If such tests reveal any problems, these issues should be addressed immediately.

Proper coverage can provide much needed protection.
Finally, this breach made it clear that no organization – not even a major health insurance company – is immune to cyber-related losses. Therefore, it is crucial to ensure adequate protection against potential cyber incidents by securing proper coverage. Make sure your organization works with a reliable insurance professional when navigating these coverage decisions.

For more risk management and insurance solutions, contact us today.

