Η violation of the insurer company Anthem is probably the biggest hack in a health care provider we've seen, as 80 has been reportedly affected by millions of people with their personal data exposed to unauthorized individuals.
While a clear picture has not yet been formed since researchers still collect pieces of the puzzle, the first conclusion seems to indicate China as the place of origin of the attack.
A government-sponsored project or a crime project aimed at financial gain?
Η Anthem is the second-largest US insurance provider and offers services to an impressive number of customers, including workers in sensitive areas such as the defense of the country and government organizations in general.
Η Northrop Grumman Corporation, μια παγκόσμια εταιρεία αεροδιαστημικής και αμυντικής τεχνολογίας, χρησιμοποιεί τις υπηρεσίες της Anthem για την ασφαλιστική κάλυψη των υπαλλήλων της. Ο κατάλογος των πελατών της Anthem περιλαμβάνει επίσης την Boeing Company, που έχει επίσης μια μονάδα άμυνας.
With this information, the scenario of a targeted attack by a foreign government seems to make sense.
In an official statement of the incident, Joseph Swedish, Anthem's chairman and CEO, said the leaked customer data included names, birthdays, medical IDs, SSNs, addresses, e-mail addresses, and details about employment and income.
He called the breach "a highly sophisticated external attack", suggesting that a group of highly skilled, resource-backed hackers may be behind the hack.
According to The Wall Street Journal, researchers say the Anthem hack was carried out using malicioussoftware that appears to have been used almost exclusively by Chinese cyberspies.
The attack on Anthem's systems is not an amateur job, that's for sure.
Reports from many news channels report that the Anthem data stored in the system was not encrypted, highlighting the fact that intruders could access plain text files.
Η encryption you use for her protection of the stored information, as well as during the transfer from the client to the server. This ensures that unauthorized people cannot make use of the information even when they have it in their hands, or at least they can make less use of it.
But according to Anthem, there was unauthorized activity at log-in administrator credentials from December 10, 2014 which continued sporadically until January 27, 2015. The company's investigation showed that log-in credentials from multiple administrators had changed hands.