Making a new revelation in the recent incidence of cyber attack that led to the breach of millions of health insurance records, US largest health insurance facility Anthem Inc. said that the hackers had obtained the credentials of its five employees in an attempt to penetrate the company’s system, or they may have been inside the network since December last year.
Around 80 million health insurance records, including social security numbers and other customer and employee information, was stoles by the hackers during last week’s breach attempt.
According to the company, has said one of its computer administrators discovered on Jan. 27 that an outsider was using his security credentials to log in to Anthem’s system. Investigators now believe the hackers somehow obtained credentials of five different tech workers, possibly through email phishing attempts.
Kristin Binns, spokeswoman for Anthem Inc., on Friday said that a breach attempt on the company’s network was made by the hackers on December 10 that had the similar hallmark as the attempt discovered last week.
Binns said that the security mechanism of company’s network succeeded in deflecting that attempt. However, the data was stolen sometime later on.
Meanwhile, the security experts have cautioned the industry players that more cyber attacks on health care organizations are expected due to the high value of the data present on the black market.
Health Information Trust Alliance CEO Daniel Nutkis said, “The industry has become a much bigger target over the last three years.”
Health Information Trust Alliance is an industry group working with health care organizations in order to improve their data security.
The medical identity theft is turning into a booming business, the security experts said, while warning other health care firms that can also be on the hackers’ target
Testing their breach methods before attacking others is a common technique of hackers, the security experts explain.
A survey of 91 health care organizations, conducted by a data security-based research center ‘Ponemon Institute’ in 2013, showed that 90 percent of the health care companies experienced at least one data breach that year.