Η violation of the insurer Anthem is probably the biggest healthcare hack we've seen, with 80 million people reportedly affected with their personal information data be exposed to unauthorized persons.
While a clear picture has not yet been formed since researchers still collect pieces of the puzzle, the first conclusion seems to indicate China as the place of origin of the attack.
A government-sponsored project or a crime project aimed at financial gain?
Η Anthem is the second-largest US insurance provider and offers services to an impressive number of customers, including workers in sensitive areas such as the defense of the country and government organizations in general.
Northrop Grumman Corporation, a global aerospace and defense technology company, uses Anthem's services to cover its employees' insurance. Anthem's list of customers also includes the Boeing Company, which also has a defense unit.
With this information, the scenario of a targeted attack by a foreign government seems to make sense.
In an official statement of the incident, Joseph Swedish, Anthem's chairman and CEO, said the leaked customer data included names, birthdays, medical IDs, SSNs, addresses, e-mail addresses, and details about employment and income.
He called the breach "a highly sophisticated external attack", suggesting that a group of highly skilled, resource-backed hackers may be behind the hack.
According to The Wall Street Journal, researchers say that Anthem's hack was carried out using malware that seems to have been used almost exclusively by Chinese cyberspies.
Attacking Anthem's systems is not work amateur, that's for sure.
Reports from several news channels state that the data of Anthem stored on the system were not encrypted, highlighting the fact that attackers could access plaintext files.
Encryption is used to protect stored information as well as during transfer from client to server. This ensures that unauthorized people can not use the information even if they are in their hands or at least they can make less use of them.
However, according to Anthem, there was an unauthorized activity in the 10 2014 27 2015 December XNUMX administrator's log-in, which continued sporadically up to XNUMX January XNUMX. The company's survey showed that the manager's log-in credentials had changed hands.
