Anthem, the second largest health insurer in the United States recently witnessed a severe data breach instance. The hackers breached one of its IT systems to steal personal information of around 40 million U.S. customers. This online attack on Anthem by far has been termed as the largest breach in the industry.
As stated by the company, the hackers did not appear to steal medical information or other financial details, such as bank account or credit card details. Rather, the nasty attack was executed to steal critical information like, birthdays, social security numbers, street addresses, e-mail addresses and other employee information, such as income data. The company has initiated investigation and reported the attack to the FBI (Federal Bureau of Investigation), which further hired cyber security Firm FireEye Inc FEYE to move ahead with the inquiry.
Cause of Data Breach at Anthem
Reasons for the successful execution of such a crucial data breach can be many. But, according to experts, lack in security is the prime cause behind the expose of Anthem’s customer records.
As per the reports of Wall Street Journal, the healthcare insurance provider did not encrypt the social security numbers of its current as well as former customers. If the data was encrypted, the customer records would have been less vulnerable as the cyber crooks would have taken time to decrypt and potentially access the data.
Therefore, with no encryption on, the thieves were able to breach the Anthem’s IT system, stealing more than 40 million customers’ data.
Motive behind the Data Theft
Medical identity theft is on the rise as it pays off well for the crooks, especially at black market auctions where a patient’s complete medical records fetch better money than stolen credit card numbers. Therefore, medical identity theft has gained popularity over credit card thefts. Typically, banks issuing credit card details on learning about the theft, cancel the credit card, which is definitely a big put off for hackers. On the contrary, the data fetched through medical identity theft, including date of birth, social security numbers and even physical characteristics do not change. This data is used to carry out many nefarious acts.
This kind of data theft has other repercussions as well. The increased publicity surrounding the breach has already prompted cyber criminals to design phishing e-mail scams in which they are posing as legitimate businesses and are trying to persuade people to sign up for fake credit protection services by sharing personal information.
How to protect yourself?
Just after the attack, Anthem issued an alert warning its customers about the ongoing scam and also the ways in which their data is at the risk of being misused. Still, one needs to be active and aware of the ways in which the nefarious acts by cyber criminals can be negated. Here are some preventive steps that you can take to protect yourself, especially if you are an Anthem victim yourself:
- Go for security freeze to prevent identity theft. It costs around ten dollars, but is one of the top ways to secure your credit card details.
- Activate two-factor authentication, a second step that is added in the login process.
- Change the login usernames and passwords of every account that is associated with your Anthem account.
- Set alerts for all your accounts – hackers can misuse your data in any possible way.
- Find out more about phishing – just don’t click on any link that doesn’t look right.
- Be watchful, keep a constant check at the trash, sent and spam folders of your mailbox.
- Be ready to reset your account anytime. Keep a check at your accounts, see which accounts you can access, reset its password and other security settings.
This is how you can protect yourself from further perils. Though Anthem has already begun investigating the breach and has taken up preventive measures to keep your data safe, security is still your onus. Implement the security checks and stay safe.