Η violation of the insurer company Anthem μάλλον είναι το μεγαλύτερο hack σε φορέα υγειονομικής περίθαλψης που έχουμε δει, καθώς σύμφωνα με πληροφορίες έχουν επηρεαστεί 80 εκατομμύρια άτομα με τα τα προσωπικά τους data be exposed to unauthorized persons.
While a clear picture has yet to be formed as pieces of the puzzle are still being collected by researchers, the first conclusion seems to point to China as a place wheretreatmentof the attack.
A government-sponsored project or a crime project aimed at financial gain?
Η Anthem is the second-largest US insurance provider and offers services to an impressive number of customers, including workers in sensitive areas such as the defense of the country and government organizations in general.
Northrop Grumman Corporation, a global aerospace and defense technology company, uses Anthem's services for its employee insurance coverage. Anthem's client list also includes Boeing Company, which also has a defense unit.
With this information, the scenario of a targeted attack by a foreign government seems to make sense.
In an official statement of the incident, Joseph Swedish, Anthem's chairman and CEO, said the leaked customer data included names, birthdays, medical IDs, SSNs, addresses, e-mail addresses, and details about employment and income.
He called the breach "a highly sophisticated external attack", suggesting that a group of highly skilled, resource-backed hackers may be behind the hack.
According to The Wall Street Journal, researchers say that Anthem's hack was carried out using malware that seems to have been used almost exclusively by Chinese cyberspies.
The attack on Anthem's systems is not an amateur job, that's for sure.
Reports from many news channels report that the Anthem data stored in the system was not encrypted, highlighting the fact that intruders could access plain text files.
The encryption you use for the protection of the stored information, as well as during the transfer from the client to the server. This ensures that unauthorized people cannot make use of the information even when they have it in their hands, or at least they can make less use of it.
However, according to Anthem, there was an unauthorized activity in the 10 2014 27 2015 December XNUMX administrator's log-in, which continued sporadically up to XNUMX January XNUMX. The company's survey showed that the manager's log-in credentials had changed hands.