Friday, February 6, 2015

ANTHEM: Tens of Millions of Health Insurer Records Breached ... Insurer Didn’t Encrypt Data in Theft

Anthem Inc. stored the Social Security numbers of 80 million customers without encrypting them, the result of what a person familiar with the matter described as a difficult balancing act between protecting the information and making it useful.
Scrambling the data, which included addresses and phone numbers, could have made it less valuable to hackers or harder to access in bulk. It also would have made it harder for Anthem employees to track health care trends or share data with states and health providers, that person said.
The risks became clear last week, when Anthem discovered that hackers had broken into the database and made off with information on tens of millions of consumers, likely making it the largest computer breach disclosed by a health-care company.
Because the data wasn’t encrypted, it would be easily readable by hackers. The company believes a hacker group used a stolen employee password to access the database.
That storage decision has made the country’s second-largest health insurer the latest poster child for a continuing debate in executive suites: Is turning a corporate network into an electronic Fort Knox worth the potential cost?
Read the rest of the story HERE and view a related video below:

If you like what you see, please "Like" us on Facebook either here or here. Please follow us on Twitter here.

No comments: