Los Angeles

California Insurance Officials Say 'Foreign Government' Linked To Anthem Cyber Breach

/ KCAL News

SACRAMENTO (CBSLA.com) — A cyber security breach of health insurance giant Anthem which compromised the records of nearly 80 million consumers was likely committed by a party "acting on behalf of a foreign government", state insurance officials said Friday.

Officials with the California Department of Insurance released the results of a national investigation into Insurance Commissioner Dave Jones called "one of the largest cyber hacks of an insurance company's customer data."

"In this case, our examination team concluded with a significant degree of confidence that the cyber attacker was acting on behalf of a foreign government," said Jones.

The cyber breach was first discovered by Anthem on Jan. 27, 2015. In early Feb. 2015, Anthem and its affiliates announced the company had suffered a major breach, which compromised 78.8 million consumer records, including records of at least 12 million minors.

In response to the breach, Anthem agreed to pay more than $260 million to upgrade its information security systems and provide credit protection to all consumers whose information was compromised.

Investigators determined the data breach began in Feb. 2014 when they say a user within one of Anthem's subsidiaries opened a phishing email containing malicious content, which permitted the download of malicious files to the user's computer and allowed hackers to gain remote access to that computer and at least 90 other systems within the Anthem enterprise, including Anthem's data warehouse.

The identity of the attacker was later determined "with a high degree of confidence", while investigators concluded "with a medium degree of confidence" that the attacker was acting on behalf of a foreign government, officials said. The identity of the foreign government was not revealed.

Insurance officials used an examination team composed of the cybersecurity firm CrowdStrike and Alvarez & Marsal Insurance and Risk Advisory Services, LLC, which focused its investigation on Anthem's response preparedness and adequacy both before and prior to the breach.

CrowdStrike is the same firm used by the FBI to investigate the hacking of the Democratic National Committee in May 2016.

First published on January 6, 2017 / 9:57 AM PST

© 2017 CBS Broadcasting Inc. All Rights Reserved.

Read more
f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.