Anthem, the second largest health insurer in the United States, are the latest high profile victim of a major data security breach. Compromised network credentials for up to 5 employees are thought to have been used to gain unauthorized network access to a corporate database, reportedly containing a wealth of personal information on current and former U.S. customers and employees.
Sensitive Personal Information maintained in a Network
In a released statement Anthem report that as many as 80 million customers have had their personal information stolen. Employees were also exposed, including the president and chief executive Joseph R. Swedish.
Whilst no personal medical data or credit card information has been reported to have been compromised, the type of information stolen in the breach could be viewed as more valuable, more dangerous and far more difficult to change or cancel. If your card gets stolen, you cancel it and get a new one in a few days. You can’t just order a new identity.
Health care companies are particularly attractive targets to hackers because of the wealth of sensitive personal information they maintain in their networks. The personal information stolen – such as name, birthday, medical IDs, social security numbers, street addresses, email addresses and employment information, including income data – is the type of information that can create problems for those affected for years to come. Such information can be sold on the black market to open the door to a range of identity theft schemes whilst stolen medical information can be used to make false insurance claims.
UserLock protects against Unauthorized Network Access
In the case of the Anthem breach, stolen user credentials are thought to have been used to gain network access and steal sensitive data. The company said hackers obtained the credentials of five different employees to try to penetrate the network, and may have been inside the system since December.
Unfortunately, examples of internal security breaches are getting increasingly common, and healthcare is an industry which is particularly susceptible. IS Decisions’ independent research among 500 IT professionals found that those working in the healthcare sector are experiencing twice as many internal breaches compared to the average across other industries, so perhaps it’s unsurprising we have seen a major one occur now.
Organizations can protect against stolen or compromised user credentials with further security layers and restrictions on where and how employees access the network. In this way even when credentials are compromised it can stop malicious users seamlessly using valid credentials and stealing sensitive data. This is achieved on a Microsoft Windows Server Network with the proven and unique solution UserLock.
