IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Foreign Nation Likely Was Behind Massive Insurance Data Breach, California Says

An unnamed foreign nation likely was responsible for carrying out a cyberbreach that compromised nearly 79 million consumer records of health insurance company Anthem and its affiliates in 2014, according to the California Department of Insurance.

An unnamed foreign nation likely was responsible for carrying out a cyberbreach that compromised nearly 79 million consumer records of health insurance company Anthem and its affiliates in 2014, according to the California Department of Insurance.

As part of a multistate regulatory settlement announced Friday, Anthem will spend $260 million to improve the security of its systems. The breach occurred when an employee at one of the company's subsidiaries clicked on a phishing email, the department said.

A post-incident examination team found that Anthem had taken reasonable steps to protect data prior to the breach, and effectively responded to protect consumers after the breach was discovered in January 2016. Anthem is providing two years of consumer protection services to affected consumers.

"This was one of the largest cyberhacks of an insurance company's customer data," said California Insurance Commissioner Dave Jones in a announcement on Friday. "Insurers have an obligation to make sure consumers' health and financial information is protected. Insurance commissioners required Anthem to take a series of steps to improve its cybersecurity and provide credit protection for consumers affected by the breach. In this case, our examination team concluded with a significant degree of confidence that the cyberattacker was acting on behalf of a foreign government. Insurers and regulators alone cannot stop foreign government-assisted cyberattacks. The United States government needs to take steps to prevent and hold foreign governments and other foreign actors accountable for cyberattacks on insurers, much as the president did in response to Russian government-sponsored cyberhacking in our recent presidential election."

The multistate examination concluded that the attacker in the Anthem breach used more than 50 accounts to compromise more than 90 systems in the company's environments, including its data warehouse, in order to access personally identifiable information (PII) of consumers.

Matt Williams was Managing Editor of Techwire from June 2014 through May 2017.