The Big Mass Attack: Massachusetts AG Investigates History-Making Anthem Data Breach

Addressing what is being called the most massive health information data breach in history, Massachusetts Attorney General Maura Healey has launched an investigation into the Anthem cyber attack. The files of as many as 80 million customers and employees have been compromised, according to reports.

IF“Our office takes reports of this breach seriously and will be investigating the matter. We are actively reaching out to Anthem, insurance providers and other Attorneys General to determine the extent of the breach in Massachusetts, the circumstances behind it, and to attempt to protect Massachusetts consumers.”

Anthem reports that it is investigating the exact scope of the breach, and that based on its investigation, it appears that attackers were able to gain unauthorized access to Anthem’s IT system and obtain information from Anthem’s current and former customers, as well as its employees, including names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Anthem reports that there is no evidence at this time that credit card or medical information (such as claims, test results or diagnostic codes) were compromised.

Mark Greisiger, president of NetDiligence®, said this breach shows that hackers do not discriminate when it comes to the sophistication level of organizations.

Mark Greisiger Speaking“The massive Anthem data breach underscores that unfortunately all organizations — regardless of size or sector — are susceptible to sophisticated cyber-attacks.  The fact is that companies even with prudent security and privacy practices in place can still suffer a catastrophic data breach.  This is due simply to the many network dependencies and variables that can undermine the ability to safeguard information assets across an enterprise, including sensitive customer data. This mega exposure — including probably one of many class action lawsuits — is a reality concerning many CFO/ Risk Manager clients.”

HB Litigation Conference Presents

NetDiligence® Cyber Risk & Privacy Liability Forum

June 2-3, 2015