Anthem Inc. announced on February 4, 2015 that the personal information of many current and former policy holders had been compromised in what is suspected to be the largest health-care breach ever. The breach occurred one year after the FBI warned the health care industry that they were being targeted by hackers.
Anthem has nearly 200 security specialists, and their chief information officer insists that their “security capabilities are certainly on par with the industry, if not better.” Despite extensive security measures, hackers were able to steal as many as 80 million individuals’ names, addresses, birth dates, member IDs, social security numbers, and employment information.
Experts say that victims may be further wronged through identity theft schemes in years to come. Such schemes include fraudulent tax returns and medical identity fraud – the latter of which can have fatal consequences. Furthermore, identity thieves will pay up to 50 times the normal price for stolen medical records because medical records allow them to create a more complete identity.
Potential class-action lawsuits have already been filed against Anthem. The lawsuits allege that appropriate measures were not taken to encrypt personal information that was stolen in the breach. In support of those allegations, The Wall Street Journal reported that Anthem customer social security numbers were not encrypted.
The Anthem data breach is yet another wakeup call that technology security measures must be increasingly stringent. Sometimes industry standards are not good enough. Please contact LaSalle Consulting Partners to learn about how your organization could better safeguard its assets and electronic information.
LaSalle Consulting Partners, Inc.
200 W Madison St | Suite 940 | Chicago, IL 60606 | 312-361-3326