The latest high profile data breach is a big one. Health insurance provider Anthem is reporting that records of as many 80 million customers and employees have been compromised. Anthem is the second largest health insurance provider in the United States, with approximately 38 million medical members.
The Anthem data breach may be the largest breach of healthcare data in history. In a statement on the breach, CEO Joseph Swedish acknowledged that even his own personal data was compromised.
Healthcare data is among the most coveted by hackers because it includes highly personalized details of the consumers of healthcare services. Although there is no indication that the hackers obtained medical records or financial data, what they were able to get is gold to criminal hackers. The data included names, addresses, social security numbers, email addresses and employment histories.
Unlike financial fraud, medically related fraud is often not reported quickly. Consumers do not monitor medical and insurance statements as closely or routinely as they do for their financial records. Hackers are eager to take advantage of this fact.
Anthem reports that the breach was discovered last week, but does not indicate how long the exposure period is. The company is cooperating with law enforcement, including the FBI, and has retained security firm Mandiant to assist with the investigation of the breach.
Anthem will contact compromised customers individually and will offer them free credit and identity theft protection services. This is a relatively rapid response. Under Federal law they have up to 60 days to notify potential victims of a possible data breach