We knew ahead of time but waited until the CEO of Anthem made a public statement. The Anthem breach will prove to be one of the biggest breaches in Healthcare history. The breach is being investigated by the FBI and several large new organizations leaked information on the breach prior to an official announcement earlier today.
We will make this a sticky post and follow the developments.
2/4/2015: Official Notification Came Out Today but was proceeded by news media leaks of details.
2/4/2015: WSJ appears to have been the first news media organization to break the story.
2/5/2015: DataBreaches also posted information they have compiled here.
2/5/2015: Major News continues to report on the issue.
2/5/2015: LA Times reporting really specific information on the case.
From the LA Times:
Suspicious activity was first noticed and reported Jan. 27. Two days
later, an internal investigation verified that the company was a victim
of a cyber attack, the company said. The unauthorized access to the vast
database goes back to Dec. 10.
Cybersecurity analysts warned that
the thieves may attack Anthem again using the employee data they took.
Anthem said it’s working to strengthen security and identify any
potential gaps.
“It is highly possible that they are preparing for
another attack, such as a social engineering or phishing attack, that
may give them access to systems that they were unable to reach,” said
Tom DeSot, chief information officer of cybersecurity firm Digital
Defense Inc. in San Antonio.
Previously Reported:
Anthem Blue Cross Data Breach (Nov 2014) - Our Previous Report
From Krebs:
Bloomberg reports that U.S. federal investigators probing the theft of 80 million Social Security records and other sensitive data from insurance giant Anthem Inc.
are pointing the finger at state-sponsored hackers from China.
Although unconfirmed, that suspicion would explain a confidential alert
the FBI circulated last week warning that Chinese
hackers were targeting personally identifiable information from U.S.
commercial and government networks.
The purpose of this page is to provide awareness to individuals and organizations that are leaking information and the information of their customers. The entities listed on this site are verified to be leaking personal information sometimes without the company even being aware. SLC Security is now owned and operated by Jigsaw Security Enterprise. We are currently in process and as such this blog will eventually be taken offline and merged with Jigsaw Security resources.
No comments:
Post a Comment